*  World-Class  IT:  Inside  Wal-Mart 


Exclusive  Interview  with 
CIO  Kevin  Turner  Page  64 


I.T.  FUELS 
JETBLUE  TAKEOFI 


In  a  Troubled  Industry, 
One  Airline’s  Strategy 

for  Success  Page 72 


WIRELESS  LANS: 
CHEAP,  COOL  AND 
DANGEROUS 


on  Executives 


5  Ways  to  Secure 

Your  Network  Page 80 


Doing  Business  in 

Singapore  Page  88 


TAI/C  fUp 


— .1  I  I  t 

The  difference  between  success  and  failure 


fsgsll 

|  1  i  : 


Sili 


Bob  Cottom 

Chief  Integrator,  SchlumbergerSema 


We  have  hardware  that  comes  from  ever 
HP  OpenView  software  holds  it  together." 


<£>2002  HeyJett  P-ck Untd Company.  All  tinlits  resetved. 


1/lOOOth  of  a  second.  And  with  so  much  at  stake,  IT  managers  at  SchlumbergerSema  can't  waste  time  when 

it  comes  to  wiring  some  of  the  worlds  largest  sporting  events. 

Which  is  why  they  head  to  best-of-breed  vendors.  Servers,  PC's,  printers, 
routers,  switches  and  databases  are  spec'd  from  the  usual  suspects,  but  they 
also  need  comprehensive  management  software  to  tie  all  of  this  disparate 
hardware  together. 

And  in  one  recent  case,  HP  OpenView  management  software  perfectly 
fit  the  bill. 

The  assembled  infrastructure  handled  everything  from  security  check-ins 
to  live  time  stats  to  e-mail  intranets  for  athletes,  coaches  and  statistic-hungry 
media— instantaneously.  That  meant  up  to  25,000  different  system  interfaces, 
including  10,000  live  nodes,  all  controllable  from  a  centralized  mission-critical 
data  center.  All  told,  thousands  of  workers  and  millions  of  viewers  had  real-time 
stats,  updates  and  forecasts— the  instant  points  went  on  the  board.  (Incidentally, 
the  computer  system  took  care  of  that  too.) 

Whatever  the  event,  keeping  all  these  plates  spinning  is  always  quite 
a  challenge,  and  HP  OpenView  handles  it  by  providing  monitoring  systems  that 
spot  trouble  and  avert  downtime.  And  with  so  much  always  riding  on  so  little 
time,  SchlumbergerSema  can't  spare  an  instant  for  a  single  system  holdup. 

HP  infrastructure  solutions  are  engineered  for  the  real  world  of  business. 
Because  the  last  time  we  checked,  that's  where  we  all  work.  For  more  information 
on  how  HP  OpenView  software  can  keep  your  business  racing  along,  call 
1.800.HPASKME,  ext.  246.  Or  visit  www.hp.com/go/infrastructure. 

Infrastructure:  it  starts  with  you. 


invent 


©  2002  Microsoft  Corporation.  All  rights  reserved.  Microsoft  is  a  registered  trademark  of  Microsoft  Corporation  in  the  United  States  and/of  other  countries. 


%>im  rji'ti  muii— iwwitmuM. 


IhhH 


*  % 
%  » 


Introducing  Microsoft  Project  Server  2002,  the  newest  way  to  manage  your  enterprise  projects  at  every 

organizational  level.  Today’s  complex  projects  have  grown  to  encompass  multiple  departments,  organizations,  and 
geographies,  which  means  visibility  and  collaboration  are  more  essential  than  ever.  Part  of  the  Microsoft®  .NET 
family  of  servers,  Microsoft  Project  Server  2002  works  with  Microsoft  Project  Professional  2002  to  help  you  manage 
resources  and  model  projects  across  your  portfolio.  Web-based  access  to  project  information  keeps  everyone  in  the 
loop,  at  anytime  and  from  anywhere.  And  the  open  architecture  in  Microsoft  Project  Server  2002  allows  you  to  deploy 
a  customized,  secure,  enterprise-scale  project-management  solution  that  integrates  with  your  current  business 
systems.  So  even  when  there  are  lots  of  hands  on  the  job,  they’re  still  of  one  mind. 

Find  out  how  Microsoft  Project  Server  2002  can  help  you  manage  projects  across 
your  organization.  Go  to  goprojectserver.com  Software  for  the  Agile  Business. 


,dl 


Microsoft 


Your  legacy  systems  have  he 


jgfrr  «n 

Wa&Ff~ 

©2002  WRQ,  Inc.  All  rights  reserved. 


grow  strong. 


uproot  them  now? 


You  don’t  have  to  start  over  to  get  ahead.  Imagine 


integrating  your  legacy  systems  easily  adapting  to 


early  ROI  —  all  without  uprooting  existing  business 


applications.  We’re  already  doing  that  for  3  out  of  5 


Fortune  500  companies.  And,  WRQ’s  software  is 


rated  #  1  in  service  and  support.  For  case  studies  with 


proven  ROI,  visit  www.wrq.com/info/cio 


WRQ 


Cover  Story 


ETHICS  I  56 


TAKE  the 

Data  has  no  ethics.  Data  doesn’t  care  how  it’s  used. 

But  the  use  and  misuse  of  data  has  become  the  critical 
issue  for  today’s  information-intensive  enterprise.  And 
now  CIOs  are  working  to  develop  a  code  for  ethical 
data  management.  By  Scott  Berinato 


COVER  PHOTO  BY  FURNALD/GRAY 


Features 


INTERVIEW 

The  IT  Inside  the  World’s  Biggest  Company  I  64 

Long  publicity  shy,  Wal-Mart  opens  its  doors  for  an  exclusive 
CIO  interview  with  CIO  Kevin  Turner,  who  shares  the  secrets 
behind  Wal-Mart’s  global  growth,  what’s  happened  since  Sept.  1 1 
and  which  technologies  the  retailer  is  eyeing  for  the  future. 

By  Abbie  Lundberg 


"Technology  at  this  point  is  sim¬ 
ply  a  means  to  an  end,”  says 
Wal-Mart  CIO  Kevin  Turner. 
“What  is  really  strategic  is  the 
use  of  information  and  how  we 
exploit  and  maximize  it.”  For 
more  on  Wal-Mart’s  36-year-old 
CIO,  see  Page  64. 


STARTUP  STRATEGIES 
JetBlue  Skies  Ahead  I  72 

The  founders  of  JetBlue  Airways  use  IT  as  the  backbone  of 
their  “high-tech,  high-touch”  startup.  Can  you  say,  “last- 
mover  advantage”?  By  Stephanie  Overby 

WIRELESS  SECURITY 
Cheap,  Cool  and  Dangerous  I  80 

A  grassroots  wireless  LAN  movement  is  rolling  onto  the  networks 
of  unsuspecting  CIOs.  It  might  already  be  too  late  to  stop  its 
spread,  but  it’s  not  too  late  to  make  it  secure.  By  Sarah  D.  Scalet 

GLOBAL  BUSINESS 
First  Stop,  Singapore  I  88 

The  promise  of  entering  the  vast  Asian  marketplace  has  lured 
global  companies  to  Singapore  by  the  thousands.  But  no  matter 
how  Westernized  and  business-friendly  the  city-state  may  seem, 
it’s  important  to  remember  that  it’s  not  home  and  the  rules  are 
different.  By  Tom  Field 

RflORE 


6 


CIO  JULY  1,  2002  •  www.cio.com 


THE  GOOD  NEWS  IS,  YOU  NOW  HAVE  MORE  VALUABLE 
INFORMATION  COMING  INTO  YOUR  BUSINESS  THAN  EVER  BEFORE. 

BUT  THEN,  THAT'S  ALSO  THE  BAD  NEWS. 


BrightStor™  Storage  Resource  Manager 

The  smart  alternative  to  managing  your  storage. 

You  never  thought  you  could  have  too  much  of  a  good  thing  when  it  came  to  critical 
business  information.  But  now  the  time  has  come.  That's  why  it's  more  important 
than  ever  to  have  the  right  software.  With  BrightStor  Storage  Resource  Manager,  you 
can  finally  get  a  firm  handle  on  all  your  assets.  BrightStor™  works  across  multiple 
platforms,  protocols,  and  applications,  so  you  can  tap  into  information  on  how  your 
storage  is  being  used  throughout  your  enterprise,  wherever  it  may  be.  As  a  result, 
you  can  truly  leverage  your  resources,  making  them  work  for  you  like  never  before. 
And  the  downside?  There  isn't  one.  To  find  out  more,  go  to  ca.com/brightstor/srm  today. 


Computer  Associates™ 


HELLO  TOMORROW" 


WE  ARE  COMPUTER  ASSOCIATES 


THE  SOFTWARE  THAT  MANAGES  eBUSINESS  v 


©2002  Computer  Associates  International,  Inc.  (CA).  All  trademarks,  trade  names,  service  marks  and  logos  referenced  herein  belong  to  their  respective  companies. 


*]Sr’v„v;5vV:w-, 


once  again, 
our  technology  is 
making  noise. 


H 


©2002  Palm,  Inc.  All  rights  reserved.  Palm. Net  is  a  registered  trademark  and  Palm  and  the  Palm  logo  are  trademarks  of  Palm,  Inc. 
or  its  subsidiaries.  Other  products  and  brand  names  may  be  trademarks  or  registered  trademarks  of  their  respective  owners 


Once  again,  people  are  talking 
about  Palm  innovations.  Only 
this  time,  it's  at  companies 
building  solutions  for  their 
enterprise.  Like  streamlining 
order  fulfillment.  Or  mobilizing 
sales  forces.  Or  simplifying 
access  to  information.  Along 
with  leading  solutions 
providers  that  include  BEA, 


IBM,  McKesson,  and  Siebel 
Systems,  Palm  delivers  mobile 
solutions  that  work  hard  for 
today's  businesses.  For  more 
information  on  how  we've 
helped  deliver  results,  visit  our 
site  at  palm.com/enterprise 
and  read  our  customer 
success  stories  and  total  cost 
of  ownership  white  paper. 


CIO  OBSERVER  I  48 

On  Assignment 

By  Jerry  Gregoire 

Our  intrepid  reporter — and  former 
CIO — gets  a  glimpse  into  the  wooly 
world  of  trade  journalism  at  a  major 
software  vendor’s  user  conference.  Let 
the  mind  games  begin. 


Columns 

FROM  THE  PUBLISHER 
The  Imperfect  Boss  I  21 

Leading  IT  in  your  company  is  your 
responsibility — regardless  of  whom  you 
call  boss.  By  Gary  Beach 

TOTAL  LEADERSHIP 
How  Does  Your 
Workforce  Grow?  I  44 

Effective  leadership  requires  equal  parts  of 
long-range  planning  and  regular  pruning. 
By  Christopher  Hoenig 

REALITY  BYTES 
Summertime  and  the  Books 
Are  Cheesy  I  108 

Every  season  is  the  silly  season  in  the 
business  books  field.  But  summertime  is  the 
time  to  sample  them.  By  Megan  Santosus 

Sections 

TRENDLINES  I  28 

U.S.  banks  enforce  Patriot  Act;  Telephone 
technology;  Stop  that  cart!  And  more 

BY  THE  NUMBERS  I  32 

Get  a  return  on  IT  staff  certifications. 

ON  THE  MOVE  I  38 

CIOs  on  the  go — -see  where  your  IT  peers 
are  working  now. 


EMERGING  TECHNOLOGY  I  98 

New  predictive  intelligence  tools  may  clear 
cloudy  futures.  By  David  L.  Margulius 

COOL  PRODUCT  I  102 

Good  Technology’s  entry  into  the  wireless 
handheld  market. 

UNDER  DEVELOPMENT  I  104 

A  new  DNA  computer — it’s  more  like  a 
biochemistry  lab  than  a  PC. 

PUNDITS  I  106 

Hype  aside,  here’s  what  to  expect  as 
nanotechnology  grows  up. 

By  Thomas  N.  Theis 


In  Every  Issue 

FROM  THE  EDITOR 
Do  the  Right  Thing  I  18 

Does  your  company  have  clearly  defined 
data  privacy  guidelines?  It  should. 

By  Abbie  Lundberg 

INBOX  I  22 

Reader  feedback 

INDEX  I  115 

EXECUTIVE  SUMMARY  I  116 

Abstracts  of  all  the  feature  stories  found 
in  this  issue. 


“I’ve  been  consistently  awestruck  by  how  damaging 
one  bad  employee  can  be.  Every  leader  I’ve  ever 
met  has  a  secret  name  for  these  employees: 

‘bad  apple,’  ‘black  hole,’  ‘cancerous.’” 

-Christopher  Hoenig,  Total  Leadership  columnist,  on  pruning  your  IT  staff  Page  44 


10  CIO  JULY  1,  2002  •  www.cio.com 


For  further  information, contact: 
NTT  Communications  Corporation, 
n  t  t  v  e  rio@ntt.com 


On  Time.  Up  Time. 
ALL  the  Time. 


www.nttverio.com/ad 

Offering  solutions  with  guaranteed  results. 


ip-vpn  '  Lpp.%c  Type 

•MPLS  Type 


Dedicated  Hosting 


Data  Centers 


Arcstar  Global  Network  Services 


The  NTT/VERIO  Global  IP  Network  employs  a  Tier  One  global  IP  backbone  covering 
the  Americas,  Asia,  Europe,  and  Australia.  Backed  by  NTT  Communications,  a  part 
of  the  world's  largest  telecommunications  group,  the  NTT/VERIO  Global  IP  Network 
provides  Dedicated  Internet  Access  with  built-in  redundancies,  and  speeds  ranging 
from  T1  to  0C12  so  you  always  get  your  data  where  and  when  you  need  it. 
Designed  and  built  from  the  ground  up  to  carry  IP  traffic,  this  Tier  One  Global  IP 
Network  is  monitored  24  hours  a  day  and  365  days  a  year  in  state-of-the-art 
Network  Operations  Centers.  The  NTT/VERIO  Global  IP  Network  also  provides  you 
with  a  scalable  and  flexible  range  of  global  IPSec  VPN  solutions,  including  Global 
IP  Security  Gateway  Services.  And  behind  it  all  are  the  most  experienced  technical 
staff  and  most  aggressive  global  SLAs  in  the  industry. 

Visit  www.nttverio.com/ad  to  find  out  more  about  how  we  can  help  you  and  your 
data  get  where  you're  going. 


NTT /VERIO 


NTT  Communications  Group  Offices  Japan  •  USA  •  Brazil  •  UK  •  France  •  Germany  •  Netherlands  •  Belgium  •  Switzerland 
•  Italy  •  Spain  •  Korea  •  China  •  Hong  Kong  •  Taiwan  •  Vietnam  •  Thailand  •  Indonesia  •  Singapore  •  Malaysia  •  Philippines  •  Sri  Lanka  •  Australia 

•  A  full  service  offering  may  not  be  available  in  some  areas 

NTT  is  a  trademark  of  NIPPON  TELEGRAPH  AND  TELEPHONE  CORPORATION.  Verio  is  a  trademark  of  Verio  Inc.  Arcstar  is  a  trademark  of  NTT  Communications 
Corporation.  All  other  referenced  product  names  are  trademarks  of  their  respective  owners.  ©2002  NTT  Communications  Corporation 


wm 


DELIVER 

SERVICES 


CREATE 

NEW  SERVICES 


DEPLOY 

SERVICES 


IDENTITY 
AND  SECURITY 


registered  trademark*  of  Suif  JVficrqjystei 


’  *0  *  •  .  -  •  •  3. 

NO  SERVICE 
NEXT  96  MILES 

•  .-j  ,  .  ...  •  •  j>. 


1^04  *~*%.*^  '<• 


•■■•<•  s-?  * , 


£{$?  jkw 


Ifed  States  and  other  countries 


On  the  road  to  Web  services, 

a  system 
breakdown  is 
an  invitation  for 
the  buzzards. 


Sun  ONE 


Open  Net  Environment 


Reports  from  the  road:  Virgin  Atlantic  Airways. 

The  Solaris  Operating  Environment  ensures  that  applica¬ 
tions  for  Virgin  Atlantic  Airways  -  from  Web-based  frequent 
flier  information  to  mission-critical  flight  operations  -  are 
easily  manageable  and  readily  available. 

Reports  from  the  road:  Wingcast. 

Thanks  to  Wingcast,  cars  will  soon  be  equipped  with  wire¬ 
less  safety,  communication  and  convenience  services. 
Anticipating  millions  of  wired  vehicles  to  come,  Wingcast 
wisely  chose  the  Solaris  8  Operating  Environment  for  its 
scalability  and  reliability. 

Sun’s  associates  for  the  ride. 

Sun  teams  with  some  of  the  best  systems  integrators  in 
the  business  providing  the  knowledge  and  experience  you 
need  to  help  you  deploy  your  Web  services  on  the  Solaris 
platform  today:  Cap  Gemini  Ernst  &  Young,  Deloitte  Consulting, 
EDS,  KPMG  Consulting,  Inc.  and  PricewaterhouseCoopers. 


Visit  us  on  the  Web  at  sun.com/solaris 


Keep  your  services  engine  running  on  all  cylinders  with  the  Solaris 
Operating  Environment. 


Once  you  get  your  Web  services  built,  you’re 
ready  for  the  big  road  test:  deployment.  It 
doesn’t  matter  how  bulletproof  your  Web 
services  are  if  they  don’t  work  all  the  time 
and  they’re  not  secure.  The  Solaris'"  OE  is 
a  secure,  reliable  way  to  protect  your  Web 


services  investment  and  your  hard-earned 
reputation  for  dependable  service.  Solaris, 
supporting  many  of  the  largest  Internet  busi¬ 
nesses,  is  the  foundation  of  Sun’"  ONE  and 
provides  a  rock-solid  application  platform  for 
any  kind  of  Web  service. 


WEB  .. 

>connections 


WEIGH  IN 

Is  it  up  to  the  CIO  to  start 
the  conversation  about 
the  ethical  uses  of  data? 


Jerry  Rode,  CIO  of  Saab 
Cars  USA 


Data  doesn't  care  how  it’s  used.  Take 
the  Pledge  (Page  56)  argues  that  it’s  the 
responsibility  of  the  CIO  to  police  the 
ethical  management  of  data.  Do  you  agree?  Have  you  taken  steps  to 
develop  guidelines  for  your  company?  Weigh  in  with  your  opinions. 


CIO  Budgeting  Toolkit 

Learn  who’s  spending  what,  and 
when,  from  the  latest  survey 
results.  Also:  Howto 
plan  and  sell  a 
budget.  Goto 
www.cio.com/ 

0602/budgets. 

New  in  the  Research 
Centers 

Get  the  inside  story  on  emerging 
technologies— what's  the  real 
value,  why  should  you  use  them, 
will  they  really  “emerge”?— in 
CIO  Tech  Current  Ebb  &  Flow.  Go 


CIO  READER  POLL 


to  www.cio.com/current. 


Do  you  accept  the  CIO’s  Six  Commandments? 


Members  of  the  CIO  Best  Practice  Exchange  endorsed  six  commandments  of  ethical 
data  management  (Take  the  Pledge).  Now’s  your  turn  to  cast  your  vote— and  your 
comments. 

ASK  THE  SOURCE 

How  do  you  scale  your  IT  capabilities  as 
the  business  continues  to  grow? 

CIO  Jeff  Cohen  started  at  JetBlue  Airways  with  one  mandate: 

Automate  everything  (JetBlue  Skies  Ahead,  Page  72).  He  was  so 
successful  that  the  4-year-old  company  has  posted  a  profit  while 
other  airlines  are  grounded  in  debt.  Cohen  is  available  for  your 
questions  and  comments  for  the  next  two  weeks. 

Find  links  to  the  stories  mentioned  above  in  the  Web  Connections  box  at  www.cio.com. 


Peer  Resources 

E-mail  the  following  stories  from  CIO’s 
online  sister  publication,  Darwinmag.com, 
to  your  nontechnology  colleagues. 

CIO's  Cheap,  Cool  and  Dangerous 
(Page  80)  talks  about  the  security  threats  of 
unauthorized  wireless  LANs.  Darwinmag’s 
What  is  a  Wireless  LAN?  presents  the  facts 
that  you  need  to  know. 


CIO’s  The  IT  Inside  The  World’s 
Biggest  Company  (Page  64)  reveals  how 
technology  has  helped  Wal-Mart  get  on  top. 
Darwinmag’s  Never  Stop  the  Buying 

divulges  the  one  thingthat  Wal-Mart 
doesn’t  do  right. 

Go  to  www.darwinmag.com  or 
www.cio.com/printlinks. 


Our  Daily  Web 

MONDAY  Tech  Tact  Technology 
Editor  Christopher  Lindquist 
covers  what’s  coming. 

TUESDAY  Alarmed  Security 
experts  Sarah 
D.  Scaletand 
Scott  Berinato 
give  you  some¬ 
thing  new  to 
worry  about. 


SCALET 


WEDNESDAY 
Metrics  Web  Writer  Jon  Surmacz 
makes  sense  of  the  numbers. 

THURSDAY  Sound  Off  Web 

Editorial  Director  Art  Jahnke 
opines  on  ethical 
dilemmas. 

FRIDAY  The  Big 
Picture  Charts 
and  graphs 
worth  1,000 
words. 


14  CIO  JULY  1,  2002 


www.cio.com 


“Our  Tactical  ERP  approach  focuses  on  rapid  realization  of  business  benefits, 
delivered  in  increments.  That  way,  we  can  measure  your  ROI  at  every  step  of  the 
way  and  leverage  those  returns  to  drive  subsequent  IT  investments.” 


—  Roseanne  Lopez,  Management  Solutions  &  Services 


For  Management  Solutions  &  Services 
the  answer  is  the  people  of  Deloitte  &  Touche 


Deloitte 

&Touche  Assurance  &  advisory,  tax  and  consulting  services 

www.us.deloitte.com/mss 


©2002  Deloitte  S.  Touche  LLP.  Deloitte  &  Touche  refers  to  Deloitte  &  Touche  LLP  and  related  entities. 


••••••..••••ill 

••••••!!!!!••••! 

•••••••••••••••I 

. . . 

••••#••••••••• J 

•  •••••••••#••••{ 

::::::::::::::: 

•  ••••••#•••••••{ 

::::::::::::::: 

:::::::::::::: 


•« 

•  ft 
Ml 

•  •• 


Bis 


There's  a  Dell  PowerEdge 
with  Windows*  2000  Server 
for  every  kind  of  business. 

From  "kind  of  start  up"  to  "kind  of  FORTUNE  500.®" 


Ask  about 


No  matter  the  size  of  your  company,  we've  got  a  server  that  fits.  Dell  PowerEdge  servers  with  Microsoft®  Windows®  2000  Server  operating 

<■ 

system  grow  with  your  business,  minimize  downtime,  are  easy  to  integrate  and  even  easier  to  support.  No  matter  what  your  business  needs  -  from  60 


file/print  to  database  management  -  you  can  choose  the  server  with  the  Microsoft®  Windows®  2000  Server  operating  system  that  is  right  for  you. 
And,  by  dealing  direct  with  Dell,  you  get  a  system  customized  to  fit  your  business  needs,  at  an  affordable  price,  backed  by  our  award-winning 
service  and  support.  It's  a  nice  mix  of  exactly  the  server  you  need  with  exactly  the  operating  system  you  want. 


DAYS 

same-as-cash 

for  qualified  customers30 


Dell  |  Small  Business 

PowerEdge™  1500SC  Server 


Dell  Rated  #1  in  U.S.  Small  Business  Server  Market  Share 

Intel®  Server  Market  Share  for  1  to  99  Employees 

IDC 


PowerEdge™  2500  Server 


4th  Quarter 
-March  2002 


Value  Server  with  Power,  Redundancy,  and  Reliability 

•  Intel®  Pentium®  III  Processor  at  1.13GHz 

•  Dual  Processor  Capable 

•  128MB  133MHz  ECC  SDRAM  (up  to  4GB) 

•  18GB5  (10K  RPM)  Hot-Swap  Ultra3  SCSI  Hard  Drive 

•  Upgradeable  to  438GB  of  IDE  Hard  Drive  Capacity 

•  Embedded  Intel®  PRO  Gigabit  NIC 

•  1-Yr  Next  Business  Day  On-Site  Service3 

A  0m  as  low  as  $37/mo„  (46  pmts.30)  60  Days 

Same-As-Cash  for  qualified  customers 

IbVV  E-VALUE  Code:  11517-S20612 


Robust  and  Scalable  Tower  Server 

•  Intel®  Pentium®  III  Processor  at  1.13GHz 

•  Dual  Processor  Capable 

•  128MB  133MHz  ECC  SDRAM  (up  to  6GB) 

•  18GB5  (1  OK  RPM)  Hot-Swap  Ultra3  SCSI  Hard  Drive 
•Embedded  Intel®  10/100  NIC 

•  Hot-Swap,  Redundant  Cooling  Fans 

•  3-Yr  Next  Business  Day  On-Site  Service3 

^  0m  as  low  as  S  54/mo  ,  (46  pmts.30)  60  Days 

^  Same-As-Cash  for  qualified  customers 

lUJv  E-VALUE  Code:  11517-S20618 


Recommended  upgrades: 

•  Hot-Swap,  Redundant  Power  Supply,  add  $150 

•  NEW  PowerConnect”  2124* *  24-Port  Unmanaged  Switch 
with  Gigabit  Port,  add  $299 

•  System  Including  Windows®  2000  Small  Business 
Server,  only  S2599 


PowerEdge™  2650  Server 

NEW  2U  Rack-Optimized  Performance  and  Scalability 

•  Intel®  Xeon®  Processor  at  1.80GHz 

•  Dual  Processor  Capable 

•  256MB  200MHz  ECC  DDR  SDRAM  (up  to  6GB) 

•  18GB5  (10K  RPM)  Ultra3  SCSI  Hard  Drive 

•  Upgradeable  to  365GB  of  SCSI  Hard  Drive  Capacity 

•  Dual  Embedded  Gigabit  NICs 

•  Dual-Channel  Integrated  Ultra3  SCSI  Controllers 

•  Active  LCD  Screen  for  Monitoring  System  Health 

•  3-Yr  Next  Business  Day  On-Site  Service3 

as  low  as  $68/mo.,  (46  pmts.30)  60  Days 
M  Same-As-Cash  for  qualified  customers 

fc-WWW  E-VALUE  Code:  11517-S20623 


Recommended  upgrades: 

•  Embedded  Dual-Channel  RAID,  add  $299 

•  Redundant  Power  Supplies,  add  $299 

•  System  Including  Windows*  2000  Server,  only  $3199 


Recommended  upgrades: 

•  Embedded  Dual-Channel  RAID,  add  $299 

•  PowerConnect"  3024*  24-Port  Managed  Switch,  add  $699 

•  System  Including  Windows®  2000  Server,  only  $2699 


PowerVault™  PV715N  Storage 

NEW  NAS  File  Sharing  Storage 

•  Offloads  Storage  Load  from  Desktops  and  Servers 

•  Snap  Shot  Capability  for  Backing  up  Stored  Data 

•  No  Charge  for  OS  Client  Licenses  up  to  250  Users 

•  Intel®  Celeron®  Processor  at  850MHz 

•  384MB  SDRAM  (up  to  512MB) 

•  160GB  IDE  Hard  Drive  -  Four  40GB  Bays 

•  Dual  10/100  Ethernet  Ports 

•  Multi-Platform  Support  of  PC,  Unix,  Apple,  and  Novell 

•  Microsoft®  Windows®  Powered  Operating  System 

•  3-Yr  Next  Business  Day  On-Site  Service3 

•  Price  Includes  $100  Small  Business  Discount 

as  low  as  $48/mo.,  (46  pmts.30)  60  Days 
killl  Same-As-Cash  for  qualified  customers 

■  WWW  E-VALUE  Code:  11517-S20616S 


Recommended  upgrade: 

•  Broadcom  Gigabit  Network  Card,  add  $299 


Servers  for  any  size  business.  Easy  as 


D0LL 


Visit  www.dell.com/cio  or  call  toll  free  1-877-351-3355. 


Call:  M-F  7a-8p  Sat  8a-5p  CT 

Pricing,  specifications,  availability  and  terms  of  offer  may  change  without  notice.  Taxes  and  shipping  charges  extra,  and  vary.  U.S.  Dell  Small  Business  new  purchases  only.  Dell  cannot  be 

held  responsible  for  errors  in  typography  or  photography. 

‘This  device  has  not  been  approved  by  the  Federal  Communications  Commission  for  use  in  a  residential  environment.  This  device  is  not,  and  may  not  be.  offered  for  sale  or  lease,  or  sold  or 
leased  for  use  in  a  residential  environment  until  the  approval  of  the  FCC  has  been  obtained. 

'For  a  copy  of  our  Guarantees  or  Limited  Warranties,  write  Dell  USA  L.R,  Attn:  Warranties,  One  Dell  Way,  Round  Rock,  Texas  78682  ‘Service  may  be  provided  by  third  party  Technician  will  be 
dispatched,  if  necessary,  following  phone-based  troubleshooting.  To  receive  Next-Business-Day  service,  Dell  must  notify  service  provider  before  5  pm  (depending  on  service  contract)  customers 
time.  Availability  varies.  For  hard  drives,  GB  means  1  billion  bytes;  accessible  capacity  varies  with  operating  environment.  ’“Monthly  payment  is  based  on  a  48-month  12.99%  interest  rate  for 
qualified  business  customers.  Your  interest  rate  and  monthly  payment  may  be  same  or  higher,  depending  on  your  creditworthiness.  Minimum  transaction  size  of  $500  is  required.  Maximum 
aggregate  financed  amounts  not  to  exceed  $25,000  Under  60  Days  Same-Ais-Cash  Quickloan,  interest  accrues  during  first  60  days  after  the  QuickLoan's  Commencement  Date  (which  is  five  days 
after  product  ships)  if  balance  is  not  paid  within  these  60  days.  STATED  INTEREST  RATE  ANO  60  DAYS  SAME-AS-CASH  QUICKLOAN  ARE  FOR  QUALIFIED  ONL  INE  BUSINESS  CUSTOMERS.  OFFER 
VARIES  BY  CREDITWORTHINESS  OF  CUSTOMER  AS  DETERMINED  BY  LENDER  Taxes,  fees  and  shipping  charges  are  extra  and  may  vary  Not  valid  on  past  orders  or  financing  Quickloan  is  from 
CIT  Online  Bank  to  Dell  Small  Business  (BSDI  online  customers  with  approved  credit  Dell,  the  stylized  E  logo.  E  Value,  PowerEdge.  PowerConnect  and  PowerVault  are  trademarks  of  Dell  Computer 
Corporation  Intel.  Intel  Inside.  Pentium.  Celeron,  and  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries  Microsoft  and 
Windows  are  registered  trademarks  of  Microsoft  Corporation  ©2002  Dell  Computer  Corporation.  All  rights  reserved. 


PCs  use  genuine  Microsoft®  Windows* 
www.microsoft.com/piracy/howtotell 


© 

USE  THE  POWER  OF 
THE  E-VALUE  CODE. 

Match  our  latest  technology 

with  our  latest  prices.  Enter  the 

VALUE 

E  VALUE  code  online  or  give  it 
to  your  sales  rep  over  the 
phone  www  dell  com/evalue 

From  the  Editor 

lundberg@cio.com 


'C 

Does  your  company  have 
clearly  defined  data 
management  guidelines? 
Would  you  sign  on  to  our 
six  commandments  (see 
Page  58)? 

To  cast  your  vote,  go  to 

www.cio.com/readerpoll. 


FOR  THE  PAST  DECADE,  chief  information  offi¬ 
cers  have  devoted  a  great  deal  of  time  and  atten¬ 
tion  to  the  technology  part  of  IT.  But  as  I’ve  said 
in  recent  columns,  the  next  decade  will  see  a  major 
shift  to  the  information  part  of  the  equation.  With 
the  tools  in  place,  companies  are  getting  down  to 
the  business  of  mining,  leveraging  and  making 
money  from  all  that  data  they’ve  been  collecting. 

The  technologists  have  had  their  day;  now  it’s 
the  marketers’  turn.  And  CIOs  everywhere  are 
grappling  with  the  question  of  their  own  role  in 
data  stewardship. 

Of  course,  before  that  question  gets  answered, 
a  more  fundamental  issue  must  be  addressed:  Who 
actually  owns  all  this  information? 

“Somehow,  technology  has  led  to  this  rogue  the¬ 
ory  that  acquiring  data  about  people  gives  you  the 
right  to  own  that  data,”  says  Chris  Hoofnagle  of 
the  Electronic  Privacy  Information  Center  (EPIC), 
in  “Take  the  Pledge,”  beginning  on  Page  56.  “But 
there’s  no  theory  of  property  that  says  that’s  OK.” 

Privacy  law  will  inevitably,  if  not  immediately, 
come  down  on  the  side  of  individuals’  right  to  their 
own  data.  For  now,  however,  CIOs  are  on  their 
own  when  it  comes  to  figuring  out  what  to  do. 

The  ongoing  Andersen/Enron  case  has  brought 


the  issue  of  corporate  data  retention  and  deletion  to 
center  stage.  Recent  revelations  about  the  FBI’s  use 
of  e-mail  monitoring  to  investigate  Osama  bin 
Laden’s  terrorist  network  raise  further  questions. 

According  to  an  internal  FBI  memorandum 
made  public  in  late  May,  in  addition  to  gathering 
e-mail  from  legitimate  suspects,  the  system  “also 
picked  up  the  e-mails  of  noncovered”  individuals. 
“The  FBI  technical  person  was  apparently  so  upset 
[that  the  system  picked  up  e-mails  it  wasn’t  sup¬ 
posed  to]  that  he  destroyed  all  the  e-mail,”  includ¬ 
ing  those  related  to  the  investigation.  (View  the 
memo  at  www.epic.org/privacy/carnivore.) 

Data  stewardship  doesn’t  stop  at  document  dele¬ 
tion.  If  a  pending  privacy  bill  (S.  2201)  gets  passed 
into  law,  U.S.  companies  will  be  required  to  give 
customers  access  to  personal  information  they  have 
collected.  Europe  already  requires  such  access.  It 
will  certainly  fall  on  the  CIO’s  shoulders  to  figure 
out  how  to  comply  with  this  mandate  without 
incurring  significant  new  costs. 

CIOs  can’t  and  shouldn’t  wait  for  the  law  to 
catch  up  with  the  state  of  the  art.  You  must  start  the 
dialogue  now  regarding  what  is  right,  and  then 
deploy  the  appropriate  tools,  policies  and  data 
management  practices  to  support  that  stance. 


2002  •  www.cio.com 


18  CIO  JULY  1 


PHOTO  BY  JASON  GROW/SABA 


'■i: 


j*  Optica!  is  implefnented. 

I  1  .#  m 

The  intelligent  network  moves  at  w 


Cisco  Systems 


SOLUTIONS  FOR  YOUR  NETWORK  ▼ 


Cisco  Systems.  Inc.-All  rights  reserved.  Cisco.  Cisco  Systems,  the  Cisco  Systems  logo.  Empowering  the  Internet  Generation,  and  Cisco  Powered  Network  are 
■WtltWlSnarks  or  trademarks  of  Cisco  Systems.  Inc.  ,  ’ 


VPN/SECURITY 


OPTICAL  NETWORKING 


IP  COMMUNICATIONS 


CONTENT  NETWORKING 

■f 

STORAGE  NETWORKING 

+ 

WIRELESS  AND  MOBILE  OFFICE 


cisco.com/go/opticalnetworking  | - 

Extend  your  existing  enterprise  network  infrastructure  to  reduce  equipment  and 
operating  costs.  Integrate  voice,  video,  data,  and  storage  applications  over  a  high 
capacity,  high  availability,  multiservice  optical  network  with  Cisco  COMET: 
Complete  Optical  Multiservice  Edge  Transport.  Cisco  COMET  provides  the  optical 


foundation  for  CISCO  AVVID.  With  Cisco  AVVID  enterprise  architecture,  you  can  do  all  this  without  any  disruption.  This 


standardized  enterprise  architecture  allows  you  to  seamlessly  integrate  voice,  video,  wireless,  and  data  applications  on 


Empowering  the 
Internet  Generation 


a  single,  scalable  network.  This  includes  new  and  existing  technologies  alike.  Whether  you're  building  your  enterprise 
network  or  extending  it  with  Cisco  Powered  Network  services,  take  advantage  of  the  tools  below  to  get  it  done  right. 


r  Recent  Articles 

Application  Notes 

White  Papers 

Solutions  Overview 

Cisco  Powered  Network 

PHOTO  BY  WEBB  CHAPPELL 


From  the  Publisher 

gbeach@cio.com 


The  Imperfect  Boss 


AT  A  RECENT  CIO  Perspectives  conference,  I  sat  in  on  an  interesting  session.  On  stage, 
three  CIOs  debated  the  topic  of  reporting  relationships.  The  crux  of  their  dis¬ 
cussion:  Should  a  CIO  report  to  the  CEO  or  the  CFO? 

The  consensus  seemed  to  be  that  it  is  much 


CIO.com  Poll  on  CEO  Types 


The  category  that  best  repre¬ 
sents  the  CEO  at  your  company: 

^  The  Hypocrite,  who 

£/%  espouses  strategic 
importance  of  IT  but  negates 
belief  through  personal  action. 

■f  Q  The  Believer,  who 
AI/%  believes  IT  enables 
strategic  advantage  and  demon¬ 
strates  belief  through  action. 

IQ  The  Waverer,  who 
JLO%  reluctantly  accepts 
strategic  importance  of  IT. 

MThe  Monarch,  who 

%  accepts  IT  is  important, 
appoints  the  best  CIO  and 
steps  back. 

UThe  Agnostic,  who 

%  concedes  IT  is  important 
but  needs  repeated  convincing. 

8  The  Zealot,  who  is 

%  convinced  IT  is  impor¬ 
tant  and  equally  believes  he  is  an 
IT  expert. 

2  The  Atheist,  who  is 

%  convinced  IT  is  of  little 
value  and  publicly  espouses 
this  belief. 

TOTAL  NUMBER  OF  RESPONDENTS:  159. 
NUMBERS  DO  NOT  ADD  UP  TO  100  PERCENT 
DUE  TO  ROUNDING 


better  for  a  CIO  to  report  directly  to  the  CEO 
(or  COO).  At  companies  where  the  CIO  reports 
to  the  CEO,  information  technology  is  viewed 
as  an  investment.  No  one  argued  for  a  report¬ 
ing  relationship  to  the  CFO  because — panelists 
claimed — those  companies  that  have  one  see 
IT  as  a  cost  to  be  managed,  curtailed  or  cut. 

The  argument  seems  logical.  But  in  my 
March  1,  2002,  column  I  presented  readers 
with  seven  creeds  of  the  CEO  as  a  way  to  char¬ 
acterize  how  their  CEO  views  IT.  (The  creeds 
were  originally  defined  in  a  Sloan  Management 
Review  article.)  I  asked  readers  to  select  the  cat¬ 
egory  that  most  represents  the  CEO  at  their 
company  and  vote  on  CIO’s  website.  The 
results  (at  left)  may  surprise  you.  They  certainly 
surprised  me. 

Well  so  much  for  the  theory  that  reporting  to 
the  CEO  is  better  than  reporting  to  the  CFO. 

Leading  IT  in  your  company  is  your  respon¬ 
sibility.  Take  on  that  responsibility  with  passion 
and  enthusiasm  every  day  you  report  to  work 
regardless  of  whom  you  call  boss. 

And  thanks  to  those  readers  who  took  the 
time  to  vote. 


OPTICAL 

SERVICES 

from 

service  providers 
that  use  Cisco 


equipment  in  their 


networks. 


Cisco-  I 

Powered  Network 

If  you're  considering  a  service 
provider  to  extend  your 
network,  look  for  the  Cisco 
Powered  Network  logo. 

It's  your  assurance  that  a 
provider  delivers  its  service 
over  an  end-to-end  Cisco 
network  and  demonstrates 
the  highest  standards  of 
operational  excellence,  cus¬ 
tomer  service,  and  support. 


> 


TO  DOWNLOAD  THE 
FREE  WHITE  PAPER, 
"STRATEGIES  FOR  MANAGED 
NETWORK  SERVICES" 


visit 


cisco.com/go/cpn-optical 


Cisco  Systems 


® 


Empowering  the 
Internet  Generation 


©2002  Cisco  Systems.  Inc.  All  rights  reserved.  Cisco.  Cisco 
Systems,  Empowering  the  Internet  Generation,  and  the 
Cisco  Systems  logo  are  registered  trademarks  and  the 
Cisco  Arrow  logo  is  a  trademark  ot  Cisco  Systems.  Inc. 
and/or  its  affiliates  in  the  U.S.  and  certain  other  countries. 


InBox 

Reader  Feedback 


I.T.’S  SOLDIERS 

I  enjoyed  your  article  [“Leadership  Lessons  from  the  Modern  Military,”  Hot  Seat,  April 
15,  2002].  I’m  a  retired  Air  Force  colonel,  now  teaching  in  the  university  environment. 
Your  article  makes  several  points  that  I’ve  tried  to  emphasize  over  the  years.  As  you 
correctly  noted,  right  or  wrong,  we  made  the  distinction  of  leadership  as  good  and 
management  as  not  as  good.  High-caliber  leaders  have  long  known  that  one’s  ability  to 
energize,  motivate  and  lead  people  stems  from  respect,  not  simply  rank. 

That  is  not  a  new  phenomenon.  Hopefully,  your  article  will  help  dispel  a  few  myths. 

Gregory  D.  Freix  •  Director  of  IS  •  School  of  Business 
The  University  of  Kansas  •  Lawrence,  Kan.  •  gfreix@ku.edu 


Le»dcrf^»p  Lessor 
horn  the  Wlortcm 


lAAVtary 


TO  SEIZE  THE  DAY 

Your  recent  editorial  [“Where’s 
Morale?”  From  the  Editor,  May  1, 
2002]  touched  a  nerve. 

It  has  not  been  business  as  usual  in 
my  IT  organization.  The  slow  economy 
and  the  events  of  Sept.  1 1  have  made 
a  noticeable  impact.  And  my  colleagues 
who’ve  shared  these  experiences  have 
noticed  similar  patterns  in  their  own 
environments.  For  the  first  time,  many 
of  us  have  a  sense  of  our  own  mortal¬ 
ity.  In  the  daily  regime  of  IT  work,  this 
new  search  for  meaning  influences  proj¬ 
ect  work,  human  relations  and  team¬ 
work.  I  have  seen  a  number  of  my  senior 
staff  come  forward,  questioning  their 
life’s  work  and  priorities.  Younger  staff 
members,  still  years  away  from  the 
midlife  crisis,  suddenly  feel  more  vul¬ 
nerable  in  the  post-9/11  world. 

As  an  IT  executive,  I  have  discovered 
the  need  to  lead  in  nontechnical  fron¬ 
tiers — areas  like  teamwork  and  personal 
development,  and  in  some  cases,  per¬ 
sonal  discovery.  I  have  worked  hard 
over  these  past  few  months  to  cultivate 
that  same  spirit  in  my  managers.  During 
the  course  of  a  typical  day,  this  means 
that  when  we  introduce  projects,  we 
thoroughly  explain  the  business  chal¬ 
lenges  the  projects  will  solve,  no  matter 


who  is  on  the  team.  The  goal  is  purpose¬ 
ful  action.  We  measure  our  success  by 
hitting  the  technical  milestones,  but  also 
through  the  feedback  we  receive  from 
the  members  of  our  teams  about  the 
teams  themselves — because  projects 
don’t  work  when  teams  don’t.  If  a  man¬ 
ager  or  a  staff  member  has  a  personal 
crisis,  we  look  for  ways  to  be  support¬ 
ive.  Sometimes  this  requires  under¬ 
standing  beyond  the  bits  and  bytes  of 
the  business.  Finally,  we  recognize  our 
accountability  to  each  other,  no  matter 
what  our  roles. 

Mary  Shacklett 
VP  and  CIO 
Twin  County  Credit  Union 

Olympia,  Wash. 

RETURN  OF  THE  MAC 

I  just  finished  reading  Gary  Beach’s  col¬ 
umn  [“An  Apple  for  the  Enterprise,” 
May  1,  2002],  and  I  very  much  agree 
with  the  Linux  on  Mac  approach. 
The  reason  I’m  writing,  however,  is  to 
respond  to  the  comment  from  the  IT 
guys  about  not  being  able  to  put  Macs 
in  their  Wintel  shop.  I  too  work  in  an 
NT  server  environment  where  90  per¬ 
cent  of  the  clients  are  on  PCs,  but  I  had 
used  a  Powerbook  for  85  percent  of  my 
work  at  my  desk  and  when  I  travel  (I’m 


an  engineer,  not  a  graphics  type).  I  actu¬ 
ally  started  using  a  Mac  one  day  when 
we  had  some  type  of  IS  meltdown  and 
I  couldn’t  get  support  for  a  couple  of 
days.  I  plugged  the  Ethernet  connection 
into  an  old  7200  that  was  sitting  on  a 
shelf,  pulled  some  network  information 
off  my  PC,  and  that  was  the  last  time  I 
turned  the  PC  on.  I  now  run  OS  X  (Unix 
based),  with  software  called  Dave  (so 
the  rest  of  the  Wintel  world  and  I  can 
share  files)  and  Virtual  PC  (for  those 
15  percent  applications).  I  haven’t  had 
an  IS  type  in  my  office  in  three  years 
(actually,  I  am  now  an  IS  type  because 
I  support  about  25  other  Mac  users  who 
have  followed  my  example). 

Thanks  to  Linux  and  Mac  OS,  there 
still  is  a  lot  that’s  new  and  exciting  hap¬ 
pening  in  the  world  of  IS. 

Milan  Zeman 

Senior  Applications  Engineer 
JDSU 
San  Jose,  Calif. 
milan.zeman@jdsu.com 

WHAT  DO  YOU  THINK? 

Send  your  thoughts  and  feedback 
to  letters@cio.com.  Letters  may  be 
edited  for  length  or  clarity. 


22  CIO  JULY  1,  2002  •  www.cio.com 


intel.com 


Do  Intel 
engineers 

have  a  secret 

formula 
for  success? 


A  single  wafer  of  Intel*  Itanium*  2  processors  contains  over  13  billion  transistors. 


intel.com 


And  the  key 
ingredient  in  the 
Intel  formula  is 
this;  our  core 
belief  that 
advanced 
engineering  will 
continue  to 
increase  the 
erf  or  ma  -  ce  >f 
computing  year 
after  year.  And 
deliver  the 
tools  that  make 
business  run 
■  better. 


Innovate. 

It’s  the  essence 
of  what  we  do : 

create  new 
technologies  to 
help  business  do 
more  at  lower  cost. 
It’s  engineering 
applied  to 
real  business. 
Processing 
technologies  that 
bring  tangible 
improvement  to 
computing  and 
communications, 
day  after  day. 


It  takes  remarkable  resources 
to  produce  such  complex  products 
in  mass  quantities. 


The  electron  microscope 
allows  us  to  explore 
nanometer-sized  transistors. 


©2002  Intel  Corporation.  Intel  and  Itanium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries,  All  rights  reserved. 


intel.com 


Mass  produce. 

Creating  one 

new  processor  is 
only  a  start. 
The  challenge  is 
to  manufacture 
millions  to  meet 
the  demands  of 

compute?  Kttitotifi 

worldwide. 
Thinking  on  this 
scale  allows  us  to 
deliver  higher 
performance  and 
lower  cost  to 
business. 


Reinvest. 

Business  speaks, 
Intel  listens. 
Based  on 
real-world 

feedback,  we 
invest  heavily  in 
new-generation 
technologies. 
Last  year,  it  was 
over  $11  billion 
for  research  and 
new  facilities. 
We  think  of  it 

ftft  eft  IftftC-Sftrsiftir  it 

ift  yftyr  Cftftipaiiu  ft 
future. 


In  just  one  week, 
a  typical  Intel  facility  can  produce 
thousands  of  wafers. 


intel.com 


Repeat 

enthusiastically. 

St’s  been  a 
successful  formula 
for  over  30  years. 

St’s  also  our 
business  plan  for 
the  future. 
Because  it’s  a 
formula  that  allows 
us  to  keep 
delivering 
innovative,  reliable 
and  cost- effect  ve 
computing 
solutions.  That’s 
the  way  Intel 
works. 

Enthusiastically. 


In  the  world  of  Intel, 
the  clean-room  is 
a  way  of  life. 


It  takes  teamwork  — 
and  incredibly  advanced  technology  — 
to  create  Intel  processors. 


The  Magazine  for  Information  Executives 


President  &  CEO  Joseph  L.  Levy 
Publisher  Gary  J.  Beach 

Editorial  Director  Lew  McCreary 

EDITORIAL 

Editor  in  Chief  Abbie  Lundberg 
Deputy  Editor  Richard  Pastore 
Managing  Editor  David  Rosenbaum 
Managing  Editor,  Production  Cheryl  R.  Asselin 

Executive  Editors  Michael  Goldberg,  Christopher  Koch 
(Investigations),  Derek  Slater 

Leadership  and  Management  Editor  Edward  Prewitt, 
Opinion  and  Knowledge  Management  Editor  Megan 
Santosus,  Research  Editor  Lorraine  Cosgrove  Ware, 
Special  Projects  Editor  Mindy  Blodgett,  Technology 
Editor  Christopher  Lindquist 

Senior  Editors  Alison  Bass  (CRM),  Todd  Datz,  Alice 
Dragoon,  Sari  Kalin,  Elana  Varon  (B2B  E-Commerce) 

Features  Editor  Late  Low 

Senior  Writers  Scott  Berinato  (Security  and  Vendor 
Management),  Meridith  Levinson  (B2C  E-Commerce), 
Stephanie  Overby,  Susannah  Patton  (B2C  E- 
Commerce),  Sarah  D.  Scalet  (Security  and  Privacy) 

Staff  Writers  Simone  Kaplan,  Ben  Worthen 
Copy  Chief  Tom  Wailgum 

Asst.  Managing  Editor,  Production  Kathleen  S.  Carr 

Copy  Editors  Kelli  A.  Gauthier  (Assoc.), 

Emily  S.  Henderson,  Sarah  Johnson  (Assoc.) 

Research  Manager  Lynne  Z.  Rigolini 
Editorial  Resource  Manager  Carol  Zarrow 
Editorial  Assistants  Daniel  J.  Horgan,  Joe  Sullivan 
Special  Projects  Specialist  Cristina  Sousa 
Consulting  Editor  Janice  Brand 
Editor  at  Large  Jerry  Gregoire 

Contributors  Christopher  Hoenig,  David  L.  Margulius, 
Thomas  N.  Theis 

Editorial  Operations  Specialist  Julie  Hanson 
Operations  Assistant  Lisa  Byron 


How  to  Reach  Us 

E-mail  letters@cio.com 
Phone  508  872-0080 
Fax  508  879-7784 

Address  CIO  Magazine,  CXO  Media  Inc., 

492  Old  Connecticut  Path,  P.O.  Box  9208, 

Framingham,  MA  01701-9208 

Website  www.cio.com 

Topic  Experts  www.cio.com/online_beats2.html 

Subscriber  Services  800  788-4605,  Fax  508  879-7899, 
E-maii  denisep@cio.com 

Rights  and  Permission  Andrew  Burrell  •  508  935-4785, 
E-mail  aburrell@cxo.com 


DESIGN 

Executive  Director,  Art  and  Design  Mary  Lester 

Art  Directors  Hana  Barker,  Terri  Haas,  Lisa  Munroe 

Associate  Art  Director  Owen  Edwards 

Senior  Designers  George  Lee,  Chandra  Tallman 

Designer  Kajaal  S.  Asher 

Associate  Designer  Alberto  Capolino 

Design  Group  Assistant  Rachel  Barnett 

WEBSITE 

Senior  VP/General  Manager,  Online  Tim  Horgan 

Web  Editorial  Director  ArtJahnke 

Executive  Web  Editor  Martha  Heller 

Web  Editor  Sandy  Kendall 

Web  Writer  Jon  Surmacz 

Online  Technology  Director  Dagmar  Eiben 

Senior  Web  Developer  Ellen  Morey 

Online  Research  Manager  Kathleen  Kotwica 

Audience  Development  Manager  Andrew  Burrell 

Web  Developers  Diane  Chen.  Shannon  Macdonald 

Online  Content  Researcher  Tara  Gillet-Liloia 

Designer  Graham  White 

CIRCULATION 

Senior  VP/Circulation  Carol  A.  Spach 
Subscription  Svcs.  Manager  Denise  Perreault 
Subscription  Svcs.  Supervisor  Tina  Pescaro 

PRODUCTION 

VP/Manufacturing  Chris  Cuoco 
Production  Manager  Lee  Tuttle 
Ad  Production  Coordinator  Lisa  Stevenson 


EXECUTIVE  PROGRAMS 

VP  and  General  Manager  Ronald  L.  Milton 
VP,  Event  Marketing  Cynthia  Mollus 
Director,  Marketing  Services  Shellie  Rapson  James 
Manager,  Program  Operations  Brian  Fuce 
Manager,  Procurement/Tech.  Planning  Cynthia  Laird 
Manager,  Program  Development  Sherry  Keyles 
Event  Development  Specialist  Sandra  J.  Hughey 

Program  Applications  Specialists  Heather  Beauton 
(Senior),  Leah  Graves  (Assoc.) 

Senior  Program  Marketing  Specialist  Karen  Peabody 
Operations  Coordinator  Michael  Barbato 
Fulfillment  Services  Coordinator  Andrea  Harney 
Manager,  Event  Planning  Amy  Sanderson 


Media  Relations  Manager  Karen  Fogerty 
News  and  Information  Assistant  Lori  Piscatelli 
Marketing  Research  Director  Bridget  Cammarata 
Marketing  Research  Manager  Carolyn  Johnson 
Sr.  Marketing  Research  Analyst  Dylan  DiGregorio 
Marketing  Comm.  Director  Sue  Yanovitch 
Sr.  MarCom  Development  Specialist  Kari  Curto 
Marketing  Comm.  Coordinator  Sarah  Crowley 

ADMINISTRATION 

Executive  VP/Operations  Walter  Manninen 

Executive  Assistant  to  the  President/CEO 

Diane  Martin 

Financial  Manager  Cynthia  Petrillo 

Jr.  Financial  Analyst  Hilary  Smith 

Billing  Administrator  Joyce  Gillis 

Facilities  Specialist  John  Kelley 

Office  Services  Coordinator  Mary  E.  Wooldridge 

INFORMATION  SYSTEMS 

VP/CIO  Rick  Broughton 

Infrastructure  Manager  James  C.  Burgoyne 
User  Services  Manager  Ron  Bettencourt 
Senior  User  Services  Specialist  Michael  Fahlsing 
System  Administrator  Robert  Reagan 
User  Support  Specialist  Jonathan  Frappier 

NEW  BUSINESS  DEVELOPMENT 

VP,  Business  Development  &  Strategic  Alliances 

Cheryl  M.  Hardy 

Coordinator,  Business  Development  Kelly  Gabe 

HUMAN  RESOURCES 

VP,  Human  Resources  Patricia  Reilly 
Human  Resources  Manager  Tanya  Bureau 
Human  Resources  Representative  Beth  Senges 


MEDIA  INC. 

INTERNATIONAL  DATA  GROUP 
President  &  CEO  Kelly  Conlin 
Board  Chairman  Patrick  J.  McGovern 

WBPA 

▼  INTERNATIONAL* 

©  CXO  Media  Inc. 


MARKETING 

Executive  VP/Marketing  Cathy  O'Leary  Hayes 
VP/News  and  Information  Susan  Watson 


www.cio.com 


JULY  1,  2002  CIO  2  7 


ines 


Edited  by  Lafe  Low  and  Michael  Goldberg 


FINANCIAL  SERVICES 

Terror  Transactions 
Bedevil  Banks 


By  Daintry  Duffy 

BANKS  ARE  KEEPING  a  careful  eye  on  the 
money  flowing  in  and  out  of  their  doors. 
In  October  2001,  President  Bush  signed  the 
USA  Patriot  Act  into  law,  a  measure  that 
introduces  a  new  wave  of  regulations  to 
fight  money  laundering  and  organizations 
funneling  funds  to  terrorist  groups.  The  bur¬ 
dens  the  new  law  places  on  banks  and 
financial  institutions  are  creating  a  surge  of 
interest  in  technologies  designed  to  help 
companies  identify  potentially  suspicious 
activity.  TowerGroup,  a  financial  services 
research  company  based  in  Needham, 
Mass.,  estimates  the  increased  demand  for 
anti-money-laundering  (AML)  technology 
will  extend  well  into  2003,  and  that  spend- 


SOFTWARE  DESIGNED  TO  root  out 
bad  guys  by  analyzing  a  person’s  face  has 
generated  controversy  over  its  possible 
impact  on  individual  privacy  rights.  As 
part  of  the  antiterrorism  Patriot  Act,  the 
government  isgoingto  find  out  this 
summer  whether  there's  anything  for  civil 
libertarians  to  worry  about  it.  The 
National  Institute  of  Standards  and 
Technology  (NIST)  in  Gaithersburg,  Md., 
is  inviting  software  vendors  (there  are 


ing  by  U.S.  banking  institu¬ 
tions  on  such  technologies  will 
reach  $60  million  this  year. 

The  AML  provisions  of  the 
Patriot  Act  do  not  mandate 
the  use  of  specific  technolo¬ 
gies,  but  banks  and  other  fi¬ 
nancial  institutions  would  be 
hard-pressed  to  obey  the  new 
laws  without  them.  Among 
other  things,  banks  face  a 
greater  responsibility  to  verify 
customer  identity.  They  must  also  produce 
all  documentation  related  to  specific  ac¬ 
counts  within  five  days  of  a  regulator’s 
request.  There’s  also  the  complex  and  crit- 


about  70)  to  participate  in  the  tests. 
Government  scientists,  will  use  the 
software  to  analyze  still  images  to  see 
how  many  false  positives  show  up,  says 
spokesman  Philip  Bulman.  The  testing 
bed;  6  million  still  images  provided  by  the 
State  Department. 

NIST  is  slated  to  tell  Congress  in 
October  which  biometrics  products,  if 
any,  work  as  advertised. 

- Michael  Goldberg 


ical  task  of  identifying  suspicious  transac¬ 
tions  that  can  occur  across  multiple 
accounts  and  over  long  periods  of  time, 
making  it  difficult  for  a  human  to  detect 
any  pattern. 

The  answer  for  many  institutions  will 
involve  using  intelligent  systems,  which  are 
based  on  a  variety  of  tools,  for  instance, 
neural  networks  or  behavior  detection  tech¬ 
nologies  that  take  a  rules-based  approach  to 
examining  transactional  histories,  says 
Breffni  McGuire,  a  senior  analyst  in  the 
global  payments  group  at  TowerGroup.  For 
example,  if  a  customer  routinely  sends  wire 
transfers  in  the  amount  of  $10,000,  and 
suddenly  sends  one  that  is  20  percent 
greater,  the  system  might  flag  it  for  investi¬ 
gation.  Another  example  of  a  red  flag  trans¬ 
action  would  be  numerous  little  deposits — 
Continued  on  Page  30 


Does  Biometrics  Work?  We'll  Soon  Find  Out 


2  8  CIO  JULY  1,  2002 


www.cio.com 


PHOTO  BY  AP/WIDE  WORLD  PHOTOS 


What  makes  a  great  relationship? 

Strap  your  brother  onto  a  hand-built  aircraft,  with  a  12  hp  motor,  then  send  him  into  a  27  mph  headwind. 
From  Kitty  Hawk  to  corporate  boardrooms,  it  still  comes  down  to  trust.  In  a  landscape  littered  with  unfulfilled 
expectations,  Acxiom®  stands  out  as  a  partner  who  creates  customer  and  information  management  solutions 
that  truly  enable  profit  growth.  That’s  why  10  of  the  world’s  top  12  credit  card  issuers  trust  Acxiom  as  a  partner. 
And  top  executives  across  a  diverse  range  of  other  industries  also  place  their  confidence  in  our  solutions  for 
customer  retention,  prospecting  and  acquisition,  real-time  multi-channel  integration, 
data  quality  and  enhancement,  and  large-scale  data  management. 

Near-term,  reduce  costs.  Long-term,  increase  revenue.  Grow  your  most  valuable  assets  -  relationships. 

And  launch  your  profitability  to  new  heights. 

Flight  of  fancy?  Hardly.  See  how  Acxiom  delivers  for  major  corporations  -  examine 
industry-specific  solutions  and  read  detailed  case  studies  at  www.acxiom.com/GR 


GREAT  RELATIONSHIPS* 


CONSULTING  TECHNOLOGY/CDI  DATABASE  DATA  PRIVACY  IT 

AND  ANALYTICS  AbiliTec*  InfoBase®  LEADERSHIP  OUTSOURCING 


02002  Acxiom  Corporation.  All  rights  reserved.  Acxiom,  Abililec  and  InfoBase  are  registered  trademarks  of  Acxiom  Corporation.  Great  Relationships  is  a  service  mark  ot  Acxiom  Corporation. 


trendlines 


Terror  Transactions 

Continued  from  Page  28 

small  enough  to  fall  under  investiga¬ 
tive  limits — followed  by  an  $80,000 
withdrawal. 

While  AML  legislation  has  been  in 
place  for  years,  it  has  never  affected  so 
many  institutions  or  been  taken  so 
seriously  by  the  financial  services 
industry,  which  now  faces  increased 
federal  scrutiny  as  well  as  a  watchful 
public.  Companies  that  don’t  comply 
could  face  fines  of  up  to  $1  million, 
says  McGuire,  as  well  as  significant 
damage  to  their  reputation.  “There 
has  been  a  real  sea  change  since  Sept. 
11  in  the  seriousness  with  which 
organizations  are  taking  this  issue,” 
she  says.  “There’s  much  greater 
awareness  and  heightened  scrutiny 
around  how  companies  will  comply.” 


The  United  States  of  E-Commerce 


WHAT  STATE  IS  THE  BEST  for 

e-commerce?  The  Progressive  Policy 
Institute  ( www.ppionline.org )  scored 
the  50  states  (and  Washington,  D.C.) 
according  to  what  a  citizen  can  buy 
online  (such  as  wine,  cars,  insurance 
and  contact  lenses),  whether  the  state 
allows  digital  signatures  (good  for  e- 
biz)  or  whether  it  imposes  online  taxes 
(not  good).  In  number-one  Oregon,  for 
example,  residents  can  order  prescrip¬ 
tion  drugs  online  without  paying  sales 
taxes.  Conversely,  South  Carolina, 
which  ranked  last,  doesn’t  allow  the 
online  purchase  of  contact  lenses  and 
is  one  of  13  states  that  has  not  passed 
a  law  recognizing  digital  signatures. 


Here’s  the  ranking  of  the  top  10  for  e-commerce: 


L  Oregon 


2.  Utah 


3.  Indiana 


S.lowa 


6.  Alaska 


7.  Hawaii 


8.  Idaho 


^Michigan 


10.  Colorado 


SOURCE:  PROGRESSIVE  POLICY  INSTITUTE,  MARCH  2002 


Making  B2B  Pay:  Four  Tips 


By  Michael  Goldberg 


E-BUSINESS 


WHEN  MANAGERS  at  the 

Federal  Home  Loan  Bank  of 
Dallas  decided  to  automate 
some  customer  transactions 
nine  years  ago,  they  didn’t  call  it 
B2B  e-commerce.  Nancy 
Parker,  senior  vice  president  and 
CIO,  and  herteam  developed  an 
application  to  let  customers— 
small  to  midsize  banks— automate  wire  transfers  for 
cash  advances.  The  Internet  became  the  medium,  and 
the  program’s  success  yielded  some  quick  lessons. 

The  bank  further  developed  its  program, 
SecureConnect,  to  include  financial  status  reports  and 
updated  interest  rate  quotes.  Customers,  using 
encrypted  passwords,  get  confirmation  of  their 
transactions  and  account  updates  in  real-time. 

The  results:  Since  SecureConnect  debuted  in  1997, 
the  bank’s  loan  portfolio  has  grown  from  $9  billion  to 
$32.3  billion  as  of  the  end  of  2001.  Into  April,  95.6  per¬ 
cent  of  the  bank’s  transactions  traveled  through 
SecureConnect.  Sixty-three  percent  of  the  bank’s  841 
member  institutions  participate.  Meanwhile,  the  bank’s 
five-member  lending  staff  has  remained  constant. 

How  did  they  get  such  a  high  participation  level? 
Parker  and  Sonia  Brown,  a  senior  vice  president  at  the 
Dallas  bank,  offer  these  observations: 


IShow  up  at  the  door.  Over  a  three-year  period,  Federal  Home  Loan 
Bank  sent  a  team  of  IS  and  other  staff  to  visit  customer  banks  in 
Arkansas,  Louisiana,  Mississippi,  New  Mexico  and  Texas.  The  bank 
provided  training,  software  and  networking  equipment  if  necessary- 
all  free  of  charge.  Every  site  was  different  and  required  a  different  level 
of  support. 

2  Pay  a  lot  for  security.  Without  disclosing  how  much  Federal  Home 
Loan  paid,  Parker  adds  that  “we  certainly  did  not  spare  the  cost  of 
making  sure  the  security  was  as  high  as  it  could  be.”  What  is  clear  is  that 
the  security  measures  have  to  be  easy  enough  for  a  PC  novice  to  use  but 
strong  enough  to  handle  transactions  worth  millions  of  dollars  every  day. 

3  Don’t  use  “Internet  time.”  While  the  Dallas  bank  was  an  Internet 
eariy  adopter,  the  business  pursued  SecureConnect  as  a  long-term 
strategy.  It  took  about  four  years  between  the  decision  to  create 
SecureConnect  and  its  rollout. 

4  Offer  price  breaks.  SecureConnect  users  get  a  lower  interest  rate 
on  loans— as  much  as  one-tenth  of  an  interest  point.  For  customers 
processing  hundreds  of  transactions  a  day,  that  can  add  up. 

SecureConnect  is  a  godsend  for  its  timely  information  and  lower 
loan  rates,  says  Jon  Hitchcock,  president  of  Pioneer  Bank,  a  $371  mil¬ 
lion  bank  in  Roswell,  N.M.  And  although  his  bank  lacks  a  bigtechnol- 
ogy  staff,  the  Federal  Home  Loan  Bank  staff  came  to  Roswell  and 
“loaded  the  system,  and  before  we  even  had  broadband  Internet 
access  they  hooked  up  a  router  to  our  network.” 


3  0  CIO  JULY  1,  2002 


www.cio.com 


"We  told  KPMG  Consulting: 
Texans  should  do  government 
business  online,  not  in  line." 


iSSi 


Carolyn  Purcell 

Chief  Information  Officer,  State  of  Texas 


Gary  Miglicco 

Managing  Director,  Public  Services,  KPMG  Consulting 


“KPMG  Consulting  and  the  State  of  Texas  have  certainly 
hit  a  home  run  with  the  people  of  Texas.  In  90  days, 
we  provided  our  citizens  with  TexasOnline  ... 
establishing  our  place  in  the  market. 

"We've  lowered  the  transaction  cost  for  people  to  do 
their  government  business.  The  benefits  are  endless, 
and  we've  only  begun  to  scratch  the  surface." 


www.TexasOnline.com 


"This  is  a  very  new  opportunity  in  government 
providing  services  on  the  Internet.  We  saw  this  as  a 
business  problem,  not  a  technology  problem. 

"So  we  created  a  solution  where  we  not  only  build 
and  manage  the  technology,  but  we  manage  the 
accounting,  finance,  marketing,  public  relations, 
customer  service,  and  translation  services. 

"We're  very  proud  to  have  just  had  our  5  millionth 
visit  to  TexasOnline. " 


YOU  CAN  HEAR  THEIR  STORY  @  www.kpmgconsulting.com/results 

BUSINESS  SYSTEMS:  STRATEGY  IMPLEMENTATION  RESULTS 

Consulting 

©2002  KPMG  Consulting.  Inc  All  nghts  reserved  KPMG  Consulting.  Inc  is  an  independent  consulting  company 


By  Lorraine  Cosgrove  Ware 


trendlines 


Get  a  Return  on  Your  IT  Staff 

Certification  Investments  Best  Practices 


COMPANIES  ARE  PAYING  higher  bo¬ 
nuses  to  IT  staff  who  are  certified  in 
security,  database  management  and  proj¬ 
ect  management  than  to  IT  staff  with 
standalone  skills,  according  to  a  survey 
conducted  by  New  Canaan,  Conn.- 
based  research  and  advisory  company 
Foote  Partners.  Premium  or  bonus  pay 
for  those  certifications  increased  from 
12  percent  to  18  percent  from  the  fourth 
quarter  of  2000  to  the  fourth  quarter  of 
2001,  with  a  4  percent  increase  in  bonus 
pay  for  certifications  overall  in  the  same 
time  period.  And  employers  are  more 


apt  to  pay  for  certification  training  than 
they  were  two  or  three  years  ago.  “CIOs 
believe  that  certifications  demonstrate  a 
greater  commitment  to  job  and  career, 
and  show  initiative  on  the  part  of  the 
employee,”  adds  David  Foote,  president 
of  Foote  Partners.  “Those  employees  are 
a  safer  bet  in  economic  downturns, 
when  CIOs  are  under  pressure  to  justify 
IT  dollars  spent.”  But  it’s  important  to 
consider  your  skilled  IT  staff  and  to 
understand  which  certifications  will  ben¬ 
efit  your  company  to  ensure  that  your 
dollar  is  well  spent. 


Don’t  assess  your  staffing  needs  on  certifica¬ 
tions  alone.  Remember,  experience  counts. 
Certification  programs  are  more  prevalent 
for  infrastructure  issues  like  networking 
and  database  systems  arid  are  less  preva¬ 
lent  in  areas  like  application  development. 
“IT  employees  with  years  of  experience 
versus  certifications  can  approach  prob¬ 
lems  more  creatively,”  says  David  Foote, 
president  of  Foote  Partners.  “CIOs  need 
free-thinking  gun-slingers  on  board  too." 

Encourage  staff  to  get  IT  certifications  that 
include  a  project  management  component, 
such  as  Novell  Project  Plus.  Employees  with 
those  skills  can  help  you  improve  process. 
Project  management  also  teaches  process 
documentation  and  knowledge  sharing, 
which  will  help  CIOs  keep  expertise 
in-house. 

Identify  the  areas  in  IT  that  warrant  certifica¬ 
tion.  “Security  is  a  board-level  issue  that 
can  impact  your  ability  to  form  partner¬ 
ships,  your  competitiveness  and  your  stock 
price,”  Foote  adds.  CIOs  need  to  make  the 
business  argument  for  resources  and  IT 
staff  with  specific  security  certifications 
such  as  forensics  and  intrusion  detection. 


CIOs  Are  Rewarding  Certified  Employees... 

Bonus  pay  for  certifications  pulls  ahead  of  compensation  for  standalone  skills 


9.0% 


PREMIUM  PAY  AS  A  PERCENTAGE  OF  BASE  SALARY 


...And  They  Are  Paying  for  Certifications 

Employers  are  increasingly  picking  up  the  entire  tab  to  certify  their  employees.  Make  sure  you  get  your  money’s  worth. 


EMPLOYEE  AND  EMPLOYER 
SHARE  COSTS 


EMPLOYEE  PAYS  ALL 


EMPLOYER  PAYS  ALL 


48% 


50% 


SOURCE:  '2002  TREND  REPORT  TECHNICAL  SKILLS  AND  CERTIFICATION  PAY,  NORTH  AMERICA  &  EUROPE."  FOOTE  PARTNERS.  29.100  I.T.  WORKERS  IN  1,810  COMPANIES  SURVEYED. 


32  CIO  JULY  1,  2002  •  www.cio.com 


Sometimes 

The  Difference 

Between  Enjoyment  And  Annoyance 


Small  investment 

IN  YOUR  APPLICATIONS. 

Big  impact 

ON  YOUR  BOTTOM  LINE. 

Sometimes  your  IT  infrastructure  performs  in 
perfect  harmony.  Other  times,  it’s  a  step  out  of 
tune.  Mercury  Interactive  can  make  it  all  work 
in  concert.  Our  complete  testing,  production 
tuning  and  performance  management  solutions 
make  it  easy  to  evaluate  and  fine-tune  your 
entire  system.  Giving  you  the  maximum  return 
on  your  existing  investments.  We’ve  spent 
years  optimizing  business-critical  applications 
for  global  organizations.  And  we  can  help 
ensure  that  your  end  users  get  the  experience 
they  expect.  Plus,  you’ll  get  proof  that  your 
applications  are  running  at  their  peak  24x7 
Tune  your  business  and  its  infrastructure  to 
perfection  with  Mercury  Interactive. 

DOWNLOAD  OUR  FREE  PAPER, 

"A  PROVEN  APPROACH  TO  OPTIMIZING 
PRODUCTION  SYSTEMS" 
www.mercuryinteractive.com/tune 


Is  A  Talented  Quarter  Turn. 


MERCURY  INTERACTIVE 

Enterprise  testing,  tuning  and  performance  management 


C  2002  Mercury  Interactive  Corporation.  Mercury  Interactive  and  the  Mercury  Interactive  logos  arc  registered  trademarks  ot  Mercury  Interactive  Corporation. 


WWW.MERCURYINTERACTIVE.COM/TUNE 


o 

5' 


(D 

Q. 


AND  THEN  THERE  WAS  FIRE. 


V} 

s 

<D 


Q. 

<3~ 


mmmm 


_ : - 

■,.r.  J 

b" 


Wmm 


2v 


m 


-■^..  '  *  - .  r“-  - 

kSS^W^.v  V  •;•• :  ■ 


% 


It  starts  as  a  marvel.  It  becomes  a  necessity.  And 
when  someone  figures  out  how  to  deliver  it  reliably, 
affordably  and  simply,  it  changes  our  lives.  It’s  been 
true  for  every  utility.  Now  it’s  true  for  e-business. 
Introducing  e-business  on  demand.1'’  Everything  from 
infrastructure  and  applications  to  entire  business 
processes,  delivered  via  the  Internet,  controlled  by 
you,  but  managed  by  IBM.  It’s  The  Next  Utility™ 
Will  it  change  the  world?  Maybe.  Your  business? 
Certainly.  Visit  ibm.com/e-business/ondemand 
or  ask  for  on  demand  at  800  IBM-7080. 


trendlines 


DATA  ANALYSIS 


\ 


Busting  Crime 
by  Decoding 
Phone  Bills 


By  Todd  Datz 


GABBY  CRIMINALS  BEWARE:  There’s  a  new  technol¬ 
ogy  out  there  to  help  the  good  guys  catch  you. 

PattemTracer  TCA,  telephone  call  analysis  software 
from  Springfield,  Va.-based  i2,  helps  law  enforcement 
agencies  decipher  complex  relationships  buried  in  billing 
records.  The  software  identifies  repetitive  groups  of  calls 
to  help  establish  patterns  linking,  for  example,  Butch  the  jewel  thief, 
Lefty  the  safe-cracker  and  Wanda  the  getaway  driver. 

Pattern  relationships  are  presented  as  a  link  analysis  diagram 
using  icons  to  connect  the  different  callers  and  create  a  time-line 
chart  so  law  enforcement  agents  can  view  patterns  over  time.  The 
software  can  run  up  to  100,000  telephone  records  at  a  time. 

The  system  is  intended  to  replace  the  manual  process  that  law 
enforcement  uses  today,  which  typically  involves  analysts  painstak¬ 
ingly  combing  through  large  volumes  of  printouts  or  staring  at 
Excel  spreadsheets  for  hours  on  end.  Humans  sometimes  miss  the 
subtle  patterns  picked  up  by  the  software’s  proprietary  algorithm. 


Also,  patterns  can  be  identified  in  minutes  instead  of  hours,  free¬ 
ing  up  valuable  investigative  time  for  the  gumshoes. 

Future  iterations  of  the  technology  will  be  applied  to  other  areas, 
such  as  financial  analysis  to  detect  money  laundering  activity  and 
Internet  traffic  analysis,  which  could  help  detect  hackers  or  other 
illegal  activity,  says  Todd  Drake,  national  sales  manager  at  i2. 
Customers  include  the  FBI,  the  National  Center  for  Missing  and 
Exploited  Children,  and  the  U.S.  Postal  Inspection  Service,  though 
Drake  claims  ignorance  when  asked  how  those  organizations  use  the 
software.  “More  often  than  not  we  don’t  know  what  they’re  doing 
with  the  product,”  he  says. 


THE 


WEB 


Calling  All  Strangers 


Payphone-project.com 
probably  has  this 
number  in  Iceland. 


LONGING  FOR  A  TASTE  of  the  Big 

Easy?  Call  504  947-9108  and  chat  with 
someone  letting  “les  bons  temps 
roulez"  on  New  Orleans’  Royal  Street. 
Try  dialing  390  (66982)  69-88-35-11, 
and  you  may  reach  someone  in  the 
basement  of  the  Vatican.  You  could  also 
try  801 359-7423  and  speak  to  someone 
just  outside  the  Salt  Lake  County 
Sheriffs  Jail.  That  is,  if  anyone  answers. 

Those  phone  numbers  came  from 
the  Payphone  Project  ( www.payphone - 
project.com ),  a  website  that  catalogs 
pay  phone  numbers  from  around  the 
world.  You  can  reach  out  and  touch 
people  passing  by  any  number  of 


interesting  phone  booths,  from  the 
two  Telecom  New  Zealand  tele¬ 
phones  in  Antarctica’s  McMurdo 
Station  to  the  pay  phone  at  the  top 
of  the  Eiffel  Tower  in  Paris. 

Mark  A.  Thomas  started  the 
Payphone  Project  on  a  whim  in  1995.  He 
first  collected  numbers  from  friends  and 
then  from  visitors  to  the  site.  He  has  now 
amassed  a  database  with  thousands  of 
pay  phone  numbers.  “By  listing  pay 
phone  numbers,  I  invited  people  to  pick 
up  the  phone  and  call  to  see  who 
answered  and  maybe  have  a  laugh,” 
says  Thomas,  a  classical  pianist  living  in 
New  York  City. 


Thomas  first  realized  how  popular 
his  site  had  become  while  walking 
through  Queens.  “I  answered  a  ringing 
pay  phone  at  the  36th  Ave.  subway 
station  in  Astoria,  and  the  caller  said  he 
found  the  number  for  that  phone  at  the 
website,”  Thomas  recalls.  “I  didn’ttell 
him  it  was  my  website,  though.  I  didn’t 
think  he’d  believe  me.” 

-Stephanie  Overby 


3  6 


CIO  JULY  1,  2002 


www.cio.com 


PHOTO  BY  GETTY  IMAGES;  ILLUSTRATION  BY  DAN  PICASSO 


Only  a  Xerox  Document  Centre’  shifts  your  office 
into  overdrive.  It  prints,  copies,  faxes,  scans  and  e-mails 
like  no  other.  Saving  you  time  and  money. 
There’s  a  new  way  to  look  at  it. 


Performance  proves  it.  Top  companies  know  it. 

That’s  why  86%  of  Fortune  500®  companies  rely 
on  Document  Centre  Multifunction  systems  to  save 
them  time  and  money*  Our  unique  design  provides 


maximum  network  performance.  The  result  is  cost¬ 
crunching  productivity  that  puts  your  business  way 
ahead  of  the  pack.  To  find  out  how  we  can  save 
your  business  time  and  money,  get  in  touch  today. 


Visit:  www.xerox.com/vroom  Call:  1-800-ASK-XEROX  ext.VROOM 


The  document  Company 

XEROX. 


•Certain  Document  Centre  features  are  optional  ©2002  XEROX  CORPORATION.  AJI  rights  reserved.  XEROX* The  Document  Company?  Document  Centre*  and  There's  a  new  way  to  look  at  it  are  trademarks  of  XEROX  CORPORATION 


trendlines 


On  the  Move 


Compiled  by 
Meridith  Levinson 


Kmart  Looks  Within  for  CIO 


KAREN  AUSTIN  was  driving  home  from 
work  in  April  when  she  heard  the  chime 
of  her  cell  phone.  “Hello?”  she  answered. 

It  was  Julian  Day,  president  and  COO  of 
beleaguered  discount  retailer  Kmart  in 
Troy,  Mich.  “We’ve  made  our  decision,” 
said  Day.  “It’s  unanimous.  We  want  you 
to  be  our  CIO.” 

Austin  had  applied  for  the  senior  vice 
president  and  CIO  post  that  had  been 
vacant  since  last  August.  She  was  thrilled 
with  Day’s  news. 

“Awesome!”  she  responded.  This  was 
the  outcome  that  the  company’s  former 
vice  president  of  application  development 
had  hoped  for.  “I’ve  been  here  [with 
Kmart]  18  years.  I’ve  had  a  vast  amount 
"  of  experience  in  IT  and  in  interfacing  with 
the  business.  I  felt  like  I  was  the  most  quali- 
•fied  person  for  the  position,”  she  says. 

Still,  there  was  some  small  part  of  her 
psyche  that  was  nervous.  The  phrase  “Be 
careful  what  you  ask  for,  you  just  might 
get  it”  gnawed  at  the  back  of  her  mind. 
After  all,  the  40-year-old  Austin  is  assum¬ 
ing  the  top  IT  job  at  a  company  caught  in 
the  throes  of  bankruptcy.  Five  others  have 
held  the  CIO  post  since  1994.  Using  IT  to 
resuscitate  the  ailing  retailer  should  be 
about  as  easy  as  sailing  across  the  Atlantic 
in  a  row  boat. 

“Doing  what  we  need  to  do  while  in 
Chapter  1 1  and  while  controlling  costs  is 
a  big  challenge,”  she  says.  “We’re  making 
sure  we’re  working  on  projects  that  sup¬ 
port  the  business.  We’ve  stopped  some 
projects  and  accelerated  others.” 

Solidifying  infrastructure  is  Austin’s 
most  critical  issue.  Last  February,  the  com¬ 
pany  combined  its  core  hard-line  and  soft- 
line  systems.  Austin  says  consolidating 
those  systems  will  eliminate  overhead, 
shorten  lead  times  and  simplify  store  and 
distribution  center  operations.  Now  she 
has  to  make  sure  this  consolidated  core  sys¬ 
tem  is  solid  enough  to  carry  the  company 


through  its  recovery  from  bankruptcy  and 
into  future  growth. 

Equally  important  are  technology  ini¬ 
tiatives  she’s  sponsoring  to  ensure  that 
prices  match  from  shelf  to  register  and  to 
prevent  stock-outs.  “These  are  all  things 
that  help  us  decrease  costs,  improve  com¬ 
parative  sales  and  increase  our  return  on 
assets,”  she  says. 

When  asked  if  she’s  worried  about  meet¬ 
ing  the  same  fate  as  those  other  short-lived 
CIOs,  she  says,  “Not  with  my  history.  I 
made  a  commitment  on  day  one.  I  held  a 
pep  rally  in  the  cafeteria  for  the  entire  IT 
group,  and  I  said,  ‘I  am  here  to  stay,  and  I 
am  committed  to  doing  what  it  takes  to 
make  sure  IT  helps  the  company  emerge 
from  bankruptcy.’” 


Karen  Austin:  Kmart’s  sixth  CIO  since  1994 


ves 


Ruth  Bruch  has  been  named  senior  vice  president  and  CIO  of  Lucent  Technologies  in 
Murray  Hill,  N.J.  As  CIO,  Bruch  will  focus  on  reengineering  the  company’s  information 
systems  and  completing  an  SAP  implementation.  She  joins  Lucent  from  Visteon, 
where  she  served  as  vice  president  and  CIO. 

Beth  Perlman  joins  Baltimore-based  Constellation  Energy  Group  as  vice 
president  and  CIO.  Perlman,  former  vice  president  of  Enron  Wholesale  Trading 
Technology,  will  report  to  senior  vice  president  and  CFO  E.  Follin  Smith. 

Tsvi  Gal,  the  former  president  of  ATT.com,  joins  New  York  City-based  Warner  Music 
as  senior  vice  president  and  CIO.  Gal  will  supervise  the  integration  of  Warner  Music’s 
global  IT  operations  and  will  look  for  opportunities  to  leverage  IT  synergies  with  the 
parent  company,  AOL  Time  Warner. 

Lucia  Ahnemann  leaves  the  CIO  role  to  join  global  ERP  vendor  Adonix  as  vice  presi¬ 
dent  of  marketing  and  channels.  She  spent  two  years  at  consultancy  Scient  as  CIO. 

Paul  Volkman  has  been  promoted  to  CIO  of  Vivendi  Universal  Games  in  Los  Angeles. 
The  company’s  former  director  of  information  technology,  Volkman  will  be  responsible 
for  developing  information  technology  strategy  and  overseeing  the  company’s  infra¬ 
structure  and  applications. 


3  8  CIO  JULY  1,  2002 


www.cio.com 


Word  on  the  Street: 
Migrate  to  Linux. 


On  Wall  Street,  technology  performance  means  money. That's  why 
Red  Hat®  Linux®  quietly  powers  many  of  the  world's  top  financial  firms. 

No  wonder.  Linux  is  open  source.  You  can  see  the  code.  You  stay  in  control. 
And  you  won't  get  trapped  again  by  proprietary  technology. 

Red  Hat  Linux  Advanced  Server  is  the  enterprise  platform  for  UNIX  to 
Linux  migration.  Scalable  performance.  Stabilized  releases.  Support 
from  top  software  vendors  you  already  use. 

Red  Hat  —  enterprise-ready,  no  matter  what  street  you're  on. 

Go  to  www.redhat.com/mktg/wallstreet 


m  redhat. 


©  2002  Red  Hat,  Inc.  All  rights  reserved."Red  Hat,"  Red  Hat  Linux,  the  Red  Hat  "Shadow  Man"  logo,  and  the  products  listed  are  trademarks  or 
registered  trademarks  of  Red  Hat,  Inc.  in  the  US  and  other  countries.  Linux  is  a  registered  trademark  of  Linus  Torvalds.  All  other  trademarks 
are  the  property  of  their  respective  owners. 


1-866-2REDHAT  #4 


SECURITY  TECHNOLOGY 


trendlines 


StopThat  Cart ! 

By  Stephanie  Overby 


EVERY  90  SECONDS,  a  shopping  cart  is 
stolen  somewhere  in  the  United  States.  That 
statistic  is  a  nightmare  for  grocery  retailers. 
Missing  carriages  (which  cost  between  $75 
and  $100  apiece)  represent  big  losses  for 


supermarkets — more  than  $800  million  a 
year.  Abandoned  cart  liability  and  nuisance 
complaints  have  led  to  hefty  fines  for  some 
retailers,  while  others  have  had  to  invest  in 
carriage  retrieval  services  to  track  down 
carts  that  have  gone  MLA. 

Some  supermarkets  have  taken  matters 
into  their  own  hands,  installing  cart-reten¬ 
tion  devices  on  their  carriages  that  literally 
stop  shopping-cart  thieves  in  their  tracks.  The 
Cart  Anti-theft  Protection  System  (CAPS) 
from  San  Diego-based  Carttronics  includes 
custom  electronic  shopping  cart  wheels  that 


incorporate  a  digital  receiver  and 
replaces  one  of  a  cart’s  standard  cast¬ 
ers  with  a  braking  device.  CAPS  also 
includes  a  radio  frequency  transmitter 
and  an  antenna  buried  around  the 
perimeter  of  the  retailer’s  property. 

That  transmitter  generates  a  signal 
along  the  antenna  line.  When  a  cart 
rolls  too  near  the  line,  the  caster’s 
receiver  intercepts  the  signal  and  a 
brake  is  released  that  rolls  under  the 
wheel  to  stop  the  cart.  The  K-2000, 
from  Sacramento,  Calif.-based  Kart 
Saver,  uses  an  infrared-driven  system 
that  includes  a  device  attached  to  the 
left  front  wheel  of  the  cart  that  sounds 
an  alarm  and  causes  the  carriage  to 
go  in  circles  when  a  customer  exceeds 
a  preset  distance  from  the  store. 

Harold  Slawsby,  who  owns  two 
Save-A-Lot  grocery  stores  in  Mass¬ 
achusetts,  installed  the  Kart  Saver 
system  in  spring  2001  in  his  Boston 
location,  which  had  been  losing  about 
10  carts  a  week.  He  spent  $18,000 
to  equip  135  carts  and  says  the  system 
has  already  paid  for  itself.  “Before,  we  had  to 
pay  to  send  out  a  carriage  retrieval  service 
six  days  a  week  to  cruise  the  area  and  look 
for  our  carts.  It  wasn’t  just  that  they’d  dis¬ 
appear  for  good;  sometimes,  they  were  just 
missing  when  you  needed  them,  or  they’d 
incur  damage  when  they  were  out,”  says 


This  Date  inIT  History:  JULY  1-15 


1752  French  silk  weaver  Joseph  Marie 
Jacquard,  who  perfected  a  loom  that  used 
punch  cards  to  program  weaving  patterns 
(including  the  eponymous  jacquard  weave), 
is  born  July  7  in  Lyons. 

1890  The  U.S.  Census  Bureau  on  July  1 
introduces  mechanical  calculating  devices. 
Invented  by  Herman  Hollerith,  they  count 
the  holes  field  workers  punch  in  cards. 

1951  William  Shockley  of  Bell  Telephone 


Labs  on  July  5  announces  the  invention  of 
the  junction  transistor. 

1985  Microsoft  releases  the  first  version  of 
Windows  on  July  2. 

1991  Appleand  IBM  on  July  3  sign  a  pact  to 
develop  an  operating  system  for  the  RISC 
processor.  This  leads  to  the  PowerPC. 

1994  Telstarl,  the  first  commercial 
communications  satellite,  is  launched 
July  10  from  Cape  Canaveral,  Fla. 


TECHNOLOGY  RECYCLING 

Unmerging 

Technology 

IS  YOUR  COMPUTER  OUTDATED?  Do  you 

care  about  the  environment?  Are  you  com¬ 
munity  conscious?  Do  you  live  on  the  West 
Coast?  If  you  answered  “yes”  to  any  of  the 
above,  check  out  www.freegeek.org. 

Free  Geek,  a  nonprofit  organization  based  in 
Portland,  Ore.,  takes  donated  used  computers, 
refurbishes  them  and  provides  them  to  area 
residents  in  exchange  for  community  service. 
The  renovated  systems,  called  Freek  Boxes,  are 
loaded  with  a  GNU/Linux  operating  system. 

Free  Geek  accepts  any  hardware,  working  or 
not,  although  it  asks  for  a  $10  donation  to 
accept  monitors.  It  then  refurbishes  or  recy¬ 
cles  the  equipment.  Free  Geek  has  recycled 
more  than  16,000  pieces  of  equipment, 
refurbished  and  donated  more  than  875 
computers,  and  logged  more  than  20,000 
hours  of  community  service. 

Not  just  anyone  can  waltz  in  and  take 
home  a  computer.  To  get  a  Freek  Box  or  a 
refurbished  printer,  one  must  be  willing  to 
volunteer  for  between  24  and  72  hours  of 
community  service,  doing  things  like  fixing  or 
taking  apart  equipment,  coordinating  dona¬ 
tions  and  teaching.  -Simone  Kaplan 


Slawsby,  adding  that  the  carriage  retrieval 
service  now  goes  out  only  twice  a  week,  and 
he’s  lost  only  about  1 8  carts  since  installing 
the  system  a  year  ago.  “You’re  never  going  to 
be  able  to  stop  someone  who  really  wants 
to  take  a  cart,”  he  admits,  “but  at  least 
they’ve  got  to  put  in  some  extra  effort  now.” 


1995  IBM  announces  its  1995  plan  to  take 
over  Lotus  Development  Corp.  on  July  5. 
The  $3.5  billion  deal  was  the  largest  to  date. 

1997  Web  surfers  view  first-ever  photos 
from  Mars  transmitted  on  July  4  by  the 
Sojourner  robot,  part  of  the  unmanned 
Mars  Pathfinder  spacecraft. 


SOURCES:  THE  HISTORY  CHANNEL  WEBSITE 
( WWW.HISTORYCHANNEL.COM ).  WWW.COMPUTER.ORG 


4  0  CIO  JULY  1,  2002 


www.cio.com 


LLUSTRATION  BY  DAN  PICASSO 


NetWare  6. 


now  your  Network 


is  just  a  browser  away. 


Need  access  from  Australia?  Want  to  print  from  Prague?  Get  the  freedom  of  NetWare®  6.  As  part  of  Novell’s  one  Net 
vision,  NetWare  6  lets  your  users  have  access  to  their  file,  print  and  other  storage  resources  from  any  browser  in  the  world, 
anytime.  So  no  more  lugging  laptops  to  Latin  America.  All  they’ll  need  is  any  computer  with  an  Internet  connection. 
That’s  it.  And  that’s  the  beauty  of  one  Net.  So  take  this  as  a  sign  and  visit  www.noveIl.com/netware6  to  learn  more. 


Novell 

the  power  to  chaNge 


€>  Copyright  2001  Novell.  Inc.  All  rights  reserved.  Novell  and  NetWare  are  registered  trademarks  and  the  power  to  change  is  a  trademark  of  Novell.  Inc.,  in  the  United  States  and  other  countries 


V'J* 


Intelligent  ergonomics 

Slimmer  cabinets,  smaller 
footprints  and  new  thinner- 
frame  designs  integrate  more 
easily  into  all  work  environments 


Bright  outside.  Brilliant  inside. 


Intelligent  power  management  Intelligent  electronics 


Intelligent  visual  quality 


Low  power  consumption  and 
an  array  of  power  down/power¬ 
saving  modes  cut  costs  and 
increase  efficiencies 


Enhance  productivity  and  flexibility 
with  centralized  and  localized 
control  features,  self-diagnosing 
circuitry  and  available  Ambix™ 
dual  digital/analog  inputs 


From  SuperBright™  to  XtraView™ 
NEC  innovations  ensure  the 
highest  caliber  picture  quality 
with  minimal  fatigue  and 
ultimate  color  accuracy 


The  NEC  lineup  of  MultiSync®  CRT  and  LCD  monitors  deliver  sharp  views  and 
significant  values.  All  because  the  technology’s  smarter.  We’ve  made  them  more 
intelligent  to  make  your  computing  more  productive  and  cost-efficient.  With  a  host 
of  IT-friendly  features  that  offer  centralized  control  and  easier  asset  management. 
Plus  available  dual  digital/analog  interfaces  that  extend  the  life  of  your  monitor 
investment.  You’ll  slash  energy  costs  with  innovative  power  management  features. 
And  save  space  with  streamlined  cabinets  and  smaller  footprints. 

Choose  LCDs  when  space  is  at  a  premium  and  energy  efficiency  is  critical.  Or  go  with 
CRTs  for  lowest  total  cost  of  ownership  and  great  performance.  Either  way, you  get 
fatigue-free  viewing,  featuring  precise  geometries  and  fast  refresh  rates.  With  our 
wide  range  of  models  to  fit  any  application  along  with  superior  service  and  support, 
you’ll  see  there’s  never  been  a  better  time  to  see  more  with  NEC  —  a  world-class 
provider  of  visual  display  solutions. 

Learn  more  at  www.necmitsubishi.com/intelligent  or  call  888-NEC-MITS. 


MultiSync  is  a  registered  trademark,  and  Ambix,  XtraView+  are  trademarks  of  NEC-Mitsubishi  Electronics  Display  of  America,  Inc. 
©2002  NEC-Mitsubishi  Electronics  Display  of  America,  Inc.  All  rights  reserved.  Simulated  images  in  monitors. 


see moReT 

NEC/MITSUBISHI 

NEC-MITSUBISHI  ELECTRONICS  DISPLAY 


Total  Leadership 


How  Does 
Your  Workforce 

Grow? 

Effective  leadership  requires  equal  parts  of 
long-range  planning  and  regular  pruning 

BY  CHRISTOPHER  HOENIG 

GARDENERS  CONSTANTLY  DO  three  things:  pick  the  best  quality  seeds, 
prune  regularly  to  keep  the  plants  shapely  and  healthy,  and 
spend  hours  preventing  pests  and  then  treating  the  plants  for 
any  damage  sustained.  Those  same  three  things  should  domi¬ 
nate  any  leader’s  approach  to  people  management  and  staffing, 
whether  on  the  small  scale  of  a  team  or  through  a  worldwide 
performance  management  system. 

Seeding  the  Staff 

In  organizational  leadership,  the  equivalent  of  seed  for  your  gar¬ 
den  is  the  behaviors  and  values  of  your  people.  That  vision  must 
be  clear  and  ultimately  linked  to  strongly  held  values  and  spe¬ 
cific  behaviors.  If  you  have  a  fuzzy  vision  or  weakly  held  val¬ 
ues,  your  organization  can  grow — but  it  will  not  have  the  health 
and  productivity  you  intend. 

Vision  starts  at  the  very  beginning  of  the  hiring  process.  Ask 
yourself  the  question,  Can  this  person  become  a  leader  in  the 
organization?  It  doesn’t  matter  whether  you’re  hiring  functional 
specialists  or  line  employees.  At  McKinsey  &  Co.,  where  I  was 
involved  in  recruiting  and  hiring  for  several  years,  we  always 


asked  the  question — even  about  the  youngest  associates — Can 
we  envision  him  as  a  partner?  More  often  than  not,  it  was  that 
question  that  either  distinguished  a  candidate  or  sunk  him. 

If  you  can  find  and  bring  in  the  best,  then  use  consistent 
principles  in  developing  them.  At  my  current  employer,  the 
federal  General  Accounting  Office,  the  leadership  team  has 
three  core  values:  accountability,  integrity  and  reliability.  They 
are  so  deeply  held  within  the  organization  that,  one  way  or 
another,  they  influence  key  hiring  decisions. 

Be  sure  to  concentrate  on  specific  behaviors  that  you  want 
to  encourage.  Specificity  and  consistency  inspire  hope,  invest¬ 
ment  in  self-development  and  healthy  expectations.  In  con¬ 
trast,  there  is  nothing  more  damaging  than  an  attempt  to 
create  leaders  that  is  vague  and  inconsistently  applied.  It 
breeds  cynicism,  miscommunication  and  destructive  compe¬ 
tition.  I  have  worked  in  organizations  where  this  consistency 


4  4  CIO  JULY  1,  2002 


www  .cio  .com 


ILLUSTRATION  BY  TIM  COOK 


Introducing  Guardian™  Network  Attached  Storage 
Simple,  Cost-Effective  Storage  for  the  Enterprise 


Tired  of  Your  High-Maintenance  Relationship 

with  Storage? 


“You  are 
working 
this  weekend , 
otherwise,  NO 
file  sharing 
on  Monday 
morning!” 


“Why  are  we 
paying  ALL  this 
money  for  outside 
consultants?  Aren  ’ t 
you  supposed  to 
be  the  storage 
expert?” 


“We  spent 
HOW  MUCH 
on  some  server? 
I  could  buy  a 
house  for 
that!” 


f  “ What  do 
you  mean  the 
system  is  going 
to  be  down  for 
HOURS?” 


1.4TB/ 3U...under  $25,000 

The  new  Quantum  Guardian™  14000 
server  eliminates  cost  and 
complexity  from  your  storage 
infrastructure.  Deployment  is  quick 
and  easy,  with  no  downtime.  That  should 
save  some  headaches.  And  the  low  acquisition  cost  combined 
with  its  high  availability  and  minimal  administration  helps  you  live 
within  your  budgets.  Yet  you  still  enjoy  the  enterprise-class  security, 
management  and  performance  your  environment  demands.  The  new 
Quantum  Guardian™  14000  servers... building  blocks  for  simple, 
scalable  storage  growth.  Visit  www.quantum.com/Guardian  14000 
for  an  interactive  demo. 


Specs  •  1.4TB  •  3U  •  Dual  Gigabit  Ethernet  •  Supports  Windows/ 
UNTXJLinux/Macintosh  Environments  •  Journaling  File  System 

•  Standard  On-site  Support 

Security/ Management  •  Microsoft  Active  Directory  Sendee  (ADS) 

•  Kerberos  Authentication  •  UNIX  Network  Information  Service  (NIS) 

•  SNMP  •  Encryption  •  File  and  Folder  Security  •  Quotas  for  Users 
and  Groups1 

Availability  •  RAID  5,1,0  •  12  Hot-swappable  Disk  Drives 

•  Redundant,  Hot-swappable  Power  Supplies  and  Cooling  Fans 

•  Dual  Ethernet  for  Load  Balancing  and  Failover  •  Dual  Power  Cords 

Data  Protection  •  Snapshots  •  Backup  Agent  Support  (VERITAS 
NetBackup  and  Backup  Exec,  CA  ARCserve,  Legato  NetWorker) 

•  Server-to-Server  (S2S)  Synchronization  Softzvare  •  Local  Backup  via 
SCSI  Port2  •  APC  Smart-UPS  Support  •  Unlimited  User  Liceme 
PowerQuest  DataKeeper  (for  Windows  Client  Backup) 


1 .888.343.7627  •  www.quantum.com 


Quantum 


Total  Leadership 


exists  and  others  where  it  is  absent.  The  difference  is  like 
night  and  day. 

Prune  for  Shape 

You  need  not  only  a  vision  of  your  ideal  employee  but  also  of 
your  ideal  organization.  Specify  the  right  skill  and  knowledge 
mixes  that  will  add  up  to  a  well-shaped  company.  Then  make 
sure  other  leaders  in  the  organization  understand  the  shape  as 
well,  because  more  than  one  person  will  be  pruning  at  once. 
Above  all,  know  how  the  target  shape  relates  to  your  overall 
strategy.  I’ve  seen  countless  staff  development  systems  that  seem 
completely  disconnected  from  business  purpose. 


I’ve  been  consistently  awestruck  by  how  damaging 
one  bad  employee  can  be.  Every  leader  I’ve 
ever  met  has  a  secret  name  for  these  employees: 
“bad  apple,”  “black  hole,”  “cancerous.” 


A  leader’s  worst  enemy  is  a  performance  management  sys¬ 
tem  that  cannot  differentiate  employee  performance.  Whether 
you’re  starting  a  new  organization  or  leading  an  old  one,  prun¬ 
ing  the  staff  is  a  chore  that  must  be  adhered  to  religiously  to 
avoid  trouble.  In  a  small  organization,  where  every  person 
takes  on  huge  importance,  it  can  feel  like  lopping  off  a  vital 
branch.  Whereas  in  a  large  organization,  with  its  interlocking 
networks,  the  difficulty  is  avoiding  inconsistency  or  whole 
areas  of  neglect  that  can  damage  organizational  health.  The 
key  with  pruning  is  to  be  regular,  consistent  and  precise.  Once 
you’ve  decided  how  you  want  your  company  to  grow,  do  not 
shrink  from  cutting  off  branches  that  are  going  in  the  wrong 
direction.  That  means  you  have  lost  the  ability  to  shape  your 
organization’s  destiny. 

To  know  what  to  trim  and  what  to  grow,  you  need  informa¬ 
tion.  Information  on  performance  is  valuable  only  if  there  is  true 
dispersion  and  separation  in  ratings  and  evaluations  of  people’s 
performance.  Avoid  grade  inflation;  force  distributions,  and  use 
that  information  for  your  decisions.  Don’t  trust  your  own  systems 
to  verify  this  point — have  outside  organizations  come  in  and  test 
your  system.  Otherwise,  you’ll  never  really  know. 

When  you  find  a  performance  problem  with  one  of  your 
people,  either  heal  it,  cut  it  off  or  let  it  fall  away,  but  don’t  ignore 
it.  Keep  trimming  and  shaping  at  every  performance  cycle. 
Move  closer  and  closer  to  your  ideal  shape.  Many  leaders  get 
caught  in  the  trap  of  discussing  individuals  or  units  in  the  per¬ 
formance  cycle  instead  of  consistently  asking  the  question,  How 
much  closer  are  we  to  our  target  shape? 


Pest  Prevention 

As  a  leader,  I’ve  been  consistently  awestruck  by  how  dam¬ 
aging  one  bad  employee  can  be.  Every  leader  I’ve  ever  met 
has  a  secret  name  for  these  employees:  “bad  apple,”  “black 
hole,”  “cancerous.”  These  people  have  an  insidious  and  dis¬ 
proportionately  negative  impact  on  an  organization,  but  get¬ 
ting  rid  of  them  is  not  easy.  The  best  way  to  avoid  bad 
employees  is  a  tough  screening  process.  Best  practices  include 
multiple  interviews,  diligent  reference  and  background 
checks,  group  decision  making,  and  comparing  multiple 
applicants  for  every  job.  I  think  that  having  probation  peri¬ 
ods  for  key  positions  is  a  good  idea.  After  a  set  time,  every¬ 
one — the  organization  and  the  em¬ 
ployee — can  reevaluate. 

If  you  think  you  might  have  made  a 
mistake  in  hiring,  you  probably  have. 
Don’t  question  your  intuition — you’ll 
just  lose  time,  money  and  probably  end 
up  with  a  lawsuit.  Hiring  mistakes  need 
to  be  dealt  with  immediately.  I’ve  expe¬ 
rienced  the  pain  of  waiting  too  long  to 
deal  with  a  problem  employee  because 
there  always  seemed  to  be  a  reason  to  wait.  But  the  opportu¬ 
nity  cost,  especially  for  key  positions  in  small  companies,  can 
be  astronomically  high. 

If  you  run  an  organization  or  take  over  one,  then  your  imme¬ 
diate  and  regular  task  is  to  look  for  employees  gone  bad. 
They’re  usually  easily  identified  if  you  actively  look  for  them. 
The  process  of  culling  them  while  keeping  the  organization  run¬ 
ning  takes  a  lot  of  discipline  over  many  months.  It’s  hard  work 
to  maintain  fairness  while  avoiding  poor  morale  and  lawsuits. 
But  you’ll  soon  be  able  to  measure  your  success  by  the  increase 
in  job  satisfaction  and  productivity  of  your  other  employees. 
They’ll  take  great  heart  from  seeing  your  courage  to  deal  with 
a  problem  they’ve  had  to  live  with  every  day. 

So  even  though  it  might  not  fit  your  image  of  yourself  as  a 
leader,  develop  that  green  thumb.  You  won’t  regret  it,  as  over 
the  space  of  a  few  years  your  organization  begins  to  take  on 
the  shape  of  a  well-tended  garden.  And  you’ll  find  other  peo¬ 
ple  recognizing  your  efforts  and  wanting  to  take  a  look  and 
even  stay  awhile.  HP! 

What's  your  approach  to  organizational  leadership?  Let  us  know  at 
leadership@cio.com.  Christopher  Hoenig  has  been  an  entrepreneur 
(CEO  of  Exolve),  consultant  (McKinsey  &  Co.)  and 
inventor,  and  is  the  author  of  The  Problem  Solving 
Journey:  Your  Guide  to  Making  Decisions  and  Getting 
Results  (Perseus  Publishing,  2000).  He  is  now  direc¬ 
tor  of  strategic  issues  for  the  General  Accounting 
Office. 


4  6 


CIO  JULY  1,  2002 


www.cio.com 


PHOTO  BY  KATHERINE  LAMBERT 


■'  opyright  ©2002  (  ier  uity  Inc  All  rights  reserved  GE r  -JUITY  and  design  and  BLACK  R(  O  ET  and  des  lign  are  each  trademai 


Internet  SECURITY 


vs.  MANAGED  Internet  SECURITY 


These  days,  you've  got  to  go  beyond  VPNs, 
firewalls  and  access  control  solutions  to  keep  your 
data  secure.  You  need  to  actively  manage  every 
square  inch  of  your  network  infrastructure.  Going  it 
alone  is  not  the  best  option.  Going  with  Genuity  is. 

We  have  the  critical  technology  you  need  to  keep  your 
data  secure.  Genuity's  Black  Rocket  eBusiness  Network  Platform 
integrates  security  technology  with  Hosting,  Access,  Transport, 
Storage  and  VoIP  solutions.  And  it  sits  on  our  Tier  1  IP  network 
for  secure  communication  from  virtually  anywhere  in  the  world. 


But  technology  is,  of  course,  only  part  of  the  story.  You 
need  the  right  people,  too. 

Our  experts  actively  manage  and  maintain  your  network. 
We  live  and  breathe  network  security,  24x7x365.  We  monitor 
your  network  perimeter  for  security  breaches  and  unplanned 
network  failures.  And  look  for  potential  weaknesses  and  rec¬ 
ommend  solutions  before  they  become  problems. 

To  find  out  how  to  make  your  business  more  secure,  call 
1.800.GENUITY  or  visit  us  at 
www.genuity.com/ security. 


GENUITY 


CIO  Observer 

Viewing  the  World  Without  Spin 


On 

Assignment 


In  which  our  intrepid  reporter  gets  a  glimpse 
inside  the  wooly  world  of  trade  journalism 


I  HATE  LEARNING  THINGS  the  hard  way.  It  hurts!  That  I  always  expect 
things  to  go  smoothly  must  be  somehow  hardwired  into  my 
inner  bumpkin.  I  think  the  best  thing  you  could  say  about  my 
guardian  angel — that  habitual  no-show  who’s  supposed  to,  at 
the  very  least,  guard  my  dignity — is  that  she’s  an  underachiever. 

I  had  this  perfectly  terrific  idea  that  I’d  attend  the  user  con¬ 
ference  of  a  major  software  vendor  and  write  a  column  from 
the  point  of  view  of  those  responsible  for  putting  the  confer¬ 
ence  together.  Events  of  this  size  are  complex  and  require  flaw¬ 
less  systems-implementation-size  planning  and  execution.  I 
thought  it  might  be  interesting,  for  a  change,  to  see  the  event 
through  the  eyes  of  those  responsible  for  making  sure  the  mate¬ 
rial  was  relevant,  the  venue  and  facilities  were  attractive,  the 
events  and  buses  ran  on  time,  the  food  was  hot  and  the  beer 
cold.  I  selected  CA  World  over  the  other  large  conferences  for 
no  other  reason  than  it  occurred  early  enough  for  me  to  make 
the  July  issue  deadline. 

Some  months  before  the  event,  I  spoke  to  my  CA  contact 
in  the  press  relations  department  (let’s  call  him  Fred)  and 
explained  (rather  poorly,  it  turns  out)  my  idea  for  the  column. 

48  CIO  JULY  1,  2002  •  www.cio.com 


I  was  assured  that  I’d  have  access  to  the  right  folks.  About  a 
week  before  the  event,  I  got  a  call  from  Fred  telling  me  that  a 
single  interview  had  been  arranged  with  an  executive  vice  pres¬ 
ident  whose  department  coordinates  the  conference. 

“OK?”  Fred  asked. 

Now  here’s  where  the  learning  part  happens. 

I’m  pretty  sure  that  veteran  columnists  would  have  said, 
“Sure  Fred,  that’s  great,”  and  then  gone  to  the  conference  to 
surreptitiously  find  and  interview  whomever  they  needed  to 
get  the  information.  But  not  me.  Oh,  no,  not  this  rookie. 

“No,  Fred,”  I  answered.  “I  don’t  want  to  speak  to  a  pre¬ 
programmed  senior  executive.  I  want  to  speak  with  the  folks 
in  the  trenches,  the  ones  doing  the  work.” 

Wrong  answer. 

The  dialogue  that  ensued  was  too  lengthy  and  embarrass¬ 
ing  to  play  back  for  you  here,  but  it  involved  an  escalating 


BY  JERRY  GREGOIRE 


ILLUSTRATION  BY  PAUL  COX 


WINDOWS®  CE 
COMPUTER 
ON-BOARD 


SIMPLE  NETWORK 
MANAGEMENT 
PROTOCOL 


Finally  AV  and  IT  experts  are  finding  something 
to  agree  on  -  the  VPL-PX15  SuperSmart™  projector 
from  Sony.  It  combines  cutting  edge  projector 
technology  and  features  with  the  latest  in  wired 
and  wireless  networking  capability.  It  lets  you 
manage  content  and  take  control,  while  giving 
you  outstanding  performance,  reliability  and 
image  quality. 

The  VPL-PX15  has  an  on-board  computer  so  you 
can  upload,  store,  and  present  Excel®  worksheets, 
PowerPoint®  presentations,  JPEG  images,  bitmapped 
images,  and  more.  This  self-sufficient  projector 
can  even  access  and  browse  the  Internet  via  the 
supplied  remote  control.  Plus,  it's  always  on  the 
LAN,  ready  to  be  accessed,  locally  or  remotely... 
even  wirelessly... whether  or  not  it's  turned  on. 


Through  a  simple  Internet  browser,  Sony's 
VPL-PX15  can  be  monitored  from  any  location 
on  the  LAN.  You  can  determine  if  the  unit  is  on, 
which  input  is  selected,  its  operating  status,  even 
adjust  the  picture.  Compatibility  with  Remote 
Desktop  Protocol  also  enables  the  display  of  your 
computer's  desktop,  or  that  of  any  other  PC  on 
your  LAN,  via  remote  access... without  leaving 
the  meeting  room. 

And  no  more  last  minute  surprises  -  the  VPL- 
PX15  can  help  you  avoid  problems  before  they 
become  one.  This  SuperSmart  projector  is  so  smart, 
it  even  tells  you  when  it's  time  to  change  the 
lamp  via  email  with  Sony's  Auto  Email  function. 

So  make  your  next  projector  the  Sony 
VPL-PX1 5.  And  start  to  enjoy  the  benefits  of 
networking  today. 


For  a  limited  time  with  the  purchase  of  a  VPL-PX15  projector, 
you  can  receive  a  Wireless  LAN  Card  at  no  additional  charge. 
Call  1-800-766-9523  (Sony  LCD)  or  visit  www.sony.com/supersmart 
today  for  more  information  and  program  Terms  and  Conditions. 


SuperSmart 


02002  Sony  Electronics  Inc.  All  rights  reserved.  Reproduction  in  whole  or  in  part  without  written  permission  is  prc 
subject  to  change  without  notice.  Sony  and  SuperSmart  are  trademarks  of  Sony.  Excel,  Windows  and  PowerPoint « 


CIO  Observer 


series  of  threats,  including  revoking  my  press  credentials  and 
making  urgent  phone  calls  to  the  magazine’s  headquarters. 
This  was  followed  by  a  string  of  conciliatory  calls  offering 
clarification  and  assurances  of  cooperation.  Confusing  to 
say  the  least.  I  headed  for  the  conference  not  completely  sure 
I’d  be  let  in. 


The  scene  reminds  me  of  a  car  dealership, 
where  nervous  and  financially  overextended 
buyers  wait  isolated  while  the  salesman 
pretends  to  go  talk  to  his  manager. 


CA  World  was  held  in  Orlando,  Fla.,  this  year  and  will  be 
in  Las  Vegas  next  year.  The  attraction  of  these  cities,  of  course, 
is  the  attractions  (Mickey  Mouse,  Elvis  impersonators)  and 
great  facilities  like  the  Orange  County  Convention  Center.  CA 
appears  to  have  taken  over  all  1.4  million  square  feet  of  meeting 
and  exhibition  space.  The  press  packet  mentions  that  there  is 
380,000  square  feet  of  carpet  used  at  the  conference,  a  notable 
statistic,  I  suppose,  because  the  carpet  is  patterned  with  CA’s 
logo.  Everything  the  attendees  see  is  first-rate,  slick  and  color 
coordinated.  During  the  course  of  four  days,  the  press  packet 
boasts,  10,000  attendees  have  access  to  842  education  and 
information  sessions,  special  events  including  a  keynote  address 
by  former  New  York  City  Mayor  Rudy  Giuliani,  and  hun¬ 
dreds  of  product  exhibits  by  CA  and  its  partners. 

On  the  Scene 

One  aspect  of  the  event  that  I  find  particularly  fascinating  is  the 
Customer  Value  Corner,  an  area  sectioned  off  with  a  couple 
dozen  cubicles  for  private  meetings  between  customers  and 
their  CA  account  reps.  The  scene  reminds  me  of  a  car  dealer¬ 
ship,  where  nervous  and  financially  overextended  buyers  wait 
isolated  while  the  salesman  pretends  to  go  talk  to  his  man¬ 
ager.  The  CIOs  that  agree  to  meetings  in  the  Customer  Value 
Corner  apparently  haven’t  heard  the  rule,  “Never  negotiate  a 
contract  on  the  other  guy’s  home  turf.”  Abandon  all  hope,  ye 
who  enter  here. 

Another  area  is  reserved  for  the  conference’s  most,  shall  we 
say,  “looked  after”  guests  and  is  aggressively  defended  by  secu¬ 
rity  guards  to  make  sure  the  average  attendee  doesn’t  acciden¬ 
tally  wander  in.  It’s  an  expansive  arrangement  of  comfortable 
lounge  furniture,  fresh  flowers,  long  buffet  tables  of  perpetu¬ 
ally  stocked  free  food  and  beverages,  a  thoughtfully  outfitted 


work  area  with  workstations,  network  connections,  phones,  fax 
machines  and  copiers,  and  plenty  of  friendly  CA  folks  stand¬ 
ing  by  to  offer  assistance.  You  guessed  it,  it’s  the  Press  Center. 

The  Press  Center  is  an  inner  sanctum  divided  into  four  sec¬ 
tions:  a  work  area,  a  dining  area,  two  rows  of  glassed-in  inter¬ 
view  rooms,  and  a  large  theater  for  press  conferences.  That 
the  press  conferences  are  held  in  an  area  out  of  sight 
of  the  average  attendee  is  interesting,  in  that  there 
is  no  opportunity  for  the  press  to  hear  questions 
(like  “so  what?”)  that  a  customer  might  ask.  In 
any  case,  the  press  can  eat,  drink,  snooze,  gather, 
write  and  file  their  stories  without  ever  leaving  the 
cloister  or  mixing  with  the  attendees  (although  that 
is  certainly  allowed). 

At  the  core  of  this  largesse  is  CA’s  considerable 
investment  of  time,  money  and  effort  to  polish 
its  image.  Some  customers  I  talked  to  said  it’s 
working  and  some  aren’t  so  sure,  but  those  of  us 
who  remember  dealing  with  CA  10  or  15  years  ago  can  attest 
to  the  fact  that  the  company’s  image  definitely  needed  work. 

The  Inside  Scoop 

We  Dubya  Bush  Texas  Republicans  have  long  suspected  press 
bias  and  the  manipulation  and  filtering  of  information  when  the 
subject  is  political  or  social.  But  readers  of  technology  maga¬ 
zines  should  consider  that  the  large  IT  vendors  that  magazines 
write  about  are  also  their  advertisers  and  largest  source  of 
income,  no  small  matter  in  these  times  of  declining  ad  revenue. 
The  symbiosis  (or  parasitism)  between  writers  and  the  indus¬ 
tries  they  cover  can  be  fraught  with  contradiction.  A  lack  of 
access  to  senior  executives  can  make  you  an  ineffective  writer. 
An  unfavorable  story  can  mean  no  access  the  next  time  you 
need  it.  Making  a  press  relations  person  angry  can  have  the 
same  effect.  That,  in  essence,  was  the  gist  of  Fred’s  threats. 

In  what,  I  guess,  was  supposed  to  be  a  compromise,  I  was 
given  40  minutes  to  interview  the  executive  VP’s  second  in 
command,  Bob  Millin.  Bob  is  not  exactly  in  the  trenches,  but 
he’s  certainly  more  hands  on  than  his  boss.  Bob  is  a  friendly, 
energetic  guy  who  really  seems  to  love  his  job.  During  our 
time  in  the  little  glass  cube,  a  PR  person  (not  Fred)  sat  and 
scribbled  notes  as  fast  as  she  could.  Occasionally,  Bob  would 
shoot  a  self-conscious  glance  her  way  for  a  signal  that  it  was 
OK  to  answer  one  of  my  questions,  and  occasionally  she 
would  interrupt  and  ask  Bob  to  elaborate  on  something  or  tell 
a  particular  story  that  she,  evidently,  thought  I  needed  to 
know.  When  we  were  done,  I  asked  if  it  was  normal  to  have 
a  PR  person  in  attendance  at  these  interviews.  In  all  of  my 
time  at  Pepsi  Cola  and  Dell,  I  can’t  ever  remember  having 
one  of  our  PR  folks  sitting  in.  As  we  walked  out  of  our  cube, 
she  assured  me  that  it  was  and  began  to  steer  me  toward  a 


5  0 


CIO  JULY  1,  2002 


www.cio.com 


OKI  Color  Printers — Proven  To  Perform 
In  Demanding  Business  Environments. 


Trust  Earned  One  Success  At  A  Time. 

OKI  is  renowned  for  its  heritage  of  reliable  dot  matrix  and  LED 
page  printers.  Whether  printing  thousands  of  color  documents  at 
the  Pentagon  or  in  your  office,  OKI  color  printers  deliver.  Use  OKI 
color  printers  to  create  high-quality  color  reports,  presentations 
and  more  with: 

•  Consistent,  high-quality  color  up  to  1200  x  1200  dpi. 

•  Single  Pass  Color  technology  for  handling  a  variety  of  paper  stock. 

•  High  speed  output  with  up  to  21  pages  per  minute  in  color 
and  26  in  mono. 


Trust  OKI’s  Proven  Customer  Satisfaction. 

Successful  professionals  like  you  can  maximize  your  efficiency 
with  OKI’s  Award-Winning  color  printers.  Count  on  OKI  for: 

•  Live  customer  service,  24/7,  for  round-the-clock  support. 

•  Low  total  cost  of  ownership  for  affordable,  in-house  color  printing. 

•  High  “try  and  buy”  rating — 7  out  of  10  who  try,  buy  OKI 
color  printers. 


OKI 

C9200n 


1  •! 


Proven  In  The  Most  Demanding  Environments. 

Cali  1  -866-OKI-COLOR,  or  visit  www.okidata.com 


OKI 


VI 

©  2002  Oki  Data  Americas,  Inc.  OKI,  Reg.  T.M.,  Oki  Electric  Industry  Co.,  Ltd.,  Single  Pass  Color  and  Design.  Reg.T.M.  Oki  Data  Corporation.  OKI  Proven  T.M.,  Oki  Data  Amencas. 


With  Avaya,  you’re  already  this  close  to  IP  Telephony. 


In  fact,  you  can  use  what's  in  your  own  network.  Now  Avaya,  the  leader  in  voice  solutions, 
has  extended  IP  Telephony  to  an  open  architecture.  So  our  feature-rich  Multi  Vantage"1" 
Software  can  work  with  your  existing  investment,  allowing  you  to  have  Enterprise  Class  IP 
Solutions  anywhere  in  your  network.  That  means  you  get  gentle  migration  and  flexible 
deployment  from  the  core  to  the  edge,  or  the  other  way  around.  Learn  how  a  network 
assessment  can  help  you  discover  how  close  you  are  to  IP  Telephony.  Visit  avaya.com/yes 


AVAyA 


COMMUNICATION  WITHOUT  BOUNDARIES 


PHOTO  BY  STEVE  RAWLS 


CIO  Observer 


press  conference  that  was  under  way. 

This  press  management  overkill  begs  the 
question:  Do  honest,  above-board  compa¬ 
nies  with  good  products  and  services  and 
nothing  untoward  to  hide  need  a  press  rela¬ 
tions  department?  Unfortunately,  I  think 
they  do.  I  was  the  CIO  at  PepsiCo  during 
the  “syringe  in  the  Pepsi  can”  scare  of  the 
early  ’90s.  If  you  don’t  remember  the 
details,  a  couple  claimed  to  have  found  a 
syringe  in  a  can  of  Pepsi.  Their  lawyer 


certainty  that  there  was  nothing  to  find. 

Before  long,  most  of  the  would-be  vic¬ 
tims  and  compensation  seekers  confessed 
to  the  hoax.  It  took  years  to  regain  our 
market  position,  but  things  could  have 
been  far  worse  had  we  failed  to  manage 
our  public  persona. 

Managing  perceptions  and  maintaining 
trust  cuts  both  ways.  Writers,  myself 
included,  need  to  be  scrupulous  about 
what  we’re  willing  to  accept  from  individ- 


This  press  management  overkill  begs  the 
question:  Do  honest,  above-board  companies 
with  good  products  and  services  and  nothing 
untoward  to  hide  need  a  press  relations 
department? 


wrote  to  the  county  health  department, 
faxed  the  bottler  and  distributor;  and  called 
the  news  on  their  behalf.  Within  days, 
dozens  of  copycat  victims  and  the  press 
breathlessly  piled  on,  and  the  national 
chains  began  pulling  Pepsi  and  our  other 
products  out  of  their  stores,  giving  precious 
shelf  space  away  to  our  competitors. 

Those  of  us  who  were  familiar  with  the 
bottling  process,  the  lightning  speed  of  the 
production  line  and  the  particulars  of  how 
the  cans  are  handled  during  filling  and 
capping  knew  these  claims  were  a  pack  of 
lies.  (One  woman  was  caught  on  a  store 
security  camera  opening  a  can,  slipping  a 
syringe  into  it  and  walking  it  over  to  show 
the  cashier.) 

Had  it  not  been  for  the  good  counsel 
of  the  PR  department,  we  might  have  all 
run  to  the  nearest  television  camera  to  say 
just  that.  Given  the  press  feeding  frenzy 
that  was  under  way,  that  would  have 
been  a  huge  mistake.  Instead,  we  pub¬ 
licly  expressed  our  honest  concern, 
recalled  our  product  and  aggressively 
inspected  our  bottling  plants,  despite  our 


uals  and  organizations  whose  product 
offerings  rely  on  a  few  well-placed  reviews. 
The  sight  of  a  couple  hundred  reporters 
descending  on  a  lunch  buffet  as  the  steam 
tables  are  brought  out  can  be  a  little  unset¬ 
tling.  The  readers  of  CIO  and  publications 
like  it  are  a  savvy  bunch.  They  will  lose 
respect  for,  and  interest  in,  people,  institu¬ 
tions  and  disciplines  that  appear  incapable 
of  making  straightforward,  unbiased,  com¬ 
parative  judgments. 

Readers,  for  their  part,  need  to  under¬ 
stand  and  consider  the  underlying  dynam¬ 
ics  of  managed  access,  ad  revenue  genera¬ 
tion  and  the  weird  dance  that  goes  on 
between  reporter  and  subject. 

So,  lesson  learned,  I  guess.  Only  a  cou¬ 
ple  million  more  to  go.  HH 


Have  you  had  a  close  encounter  with  a  public  rela¬ 
tions  professional  or  member 
of  the  press?  Tell  Jerry  about  it 
at  jgregoire@cio.com.  Editor  at 
Large  Jerry  Gregoire  is  a  for¬ 
mer  CIO  of  Dell  Computer  and 
Pepsi  Cola. 


IP  Telephony. 
Where  to  start? 

With  Avaya  Enterprise  Class 
IP  Solutions  (EC  LI  PS) 
featuring  MultiVantage" 
Software,  start  anywhere 
in  your  network. 


S8700  Media  Server 

At  the  core. 

•  Delivers  up  to  99.999% 
reliability 

•  Scalable  from  20  to 
1  million  users 


G700  Media  Gateway 


At  the  edge. 

•  Survivable  remote  location 

•  Standards-based  distributed 
architecture 

•  Cost-effective  option 


With  a  specific  workgroup. 

•  First  to  seamlessly  extend 
applications  to  cellular 

•  Takes  applications  to  remote 
and  mobile  workers  for 
greater  productivity 


Learn  how  a  network  assessment  can 
help  you  discover  how  close  you  are 
to  IP  Telephony.  Visit  avaya.com/yes 


AVAyA 

COMMUNICATION  WITHOUT  BOUNDARIES 


WebSphere. 


software 


JUST  A  PLATFORM  FOR 


Winning  through  integration.  A  recent  study  found  that  IBM  WebSphere  infrastructure  software  is  the  Web 
services  platform  of  choice  for  early  adopters.  Why?  Because  it  connects  more  applications,  platforms, 
processes  and  people  than  any  other  software.  WebSphere.  Part  of  our  Web  services-enabling  software 
team,  along  with  DB2f  Lotus®  and  Tivoli®  Get  a  free  Web  Services  Toolkit  at  ibm.com/websphere/winning 


WEB  SERVICES. 


WEBSPHERE  ISN’T 


(e)  business  is  the  game.  Play  to  win.' 


mm 


PHOTO  BY  FURNALD/GRAY 


Data  has  no  ethics. 


Data  doesn’t  care  how  it’s  used. 


But  the  use  and  misuse  of  data  has  become  the  critical  issue  for 
today’s  information-intensive  enterprise.  Who  owns  the  data? 
Who  is  responsible  for  its  management?  Who  is  the  guarantor  of 
its  integrity?  CIOs,  the  guardians  of  business  data,  need  a  code 

toguidethem.  by  scott  berinato 


All  it  took  was  one  e-mail  from  an  irate  customer  for  Saab  Cars  USA  CIO  Jerry  Rode 
to  realize  he  had  a  developing  public  relations  fiasco  on  his  hands. 


In  1999,  Norcross,  Ga. -based  Saab  hired  four  Internet  marketing  companies  to 
send  customers  information  about  Saab’s  new  models.  And  although  the  auto  company 
had  specified  that  the  program  be  opt-in  (meaning  it  would  e-mail  only  the  people 
who  had  agreed  to  receive  such  mail),  one  of  the  marketing  companies  apparently 
had  a  different  definition  of  opt-in.  And  that  meant  one  ticked-off  customer,  with 
more  potentially  on  the  way. 


Rode  fired  the  errant  marketing  company  and  immediately  developed  a  formal 
policy  surrounding  the  use  of  customer  data.  “The  customer  doesn’t  see  ad  agencies  and 
contracted  marketing  firms.  They  see  Saab  USA  spamming  them,”  he  says.  “Finger¬ 
pointing  after  the  fact  won’t  make  your  customers  feel  better.” 


Reader  ROI 


As  Rode  learned  to  his  chagrin,  data  itself  doesn’t  care  how  it’s  used.  It  will  not 
stop  itself  from  spamming  customers  or  sharing  personal,  identifying  details  with 
third  parties.  It  cannot  decide  to  delete  or  preserve  itself.  Therefore,  it  falls  on  the 
shoulders  of  those  who  lord  over  ever  larger  terabytes  of  data — the  CIOs — to  develop 
ethical  guidelines  on  how  to  manage  it. 


►  See  how  a  doctrine  on 
data  ethics  would  elevate 
the  CIO  profession 


►  Learn  how  some  CIOs 
are  managing  their  data 
with  ethics  in  mind 


►  Understand  why  it's 
crucial  for  CIOs  to 
address  data  ethics 


But  most  CIOs  have  not  picked  up  the  gauntlet.  There  are  any  number  of  reasons 
why.  For  one,  the  stuff  is  hard.  The  issue  traps  CIOs  between  two  rather  loathsome 
roles  in  the  company — the  bad  guy  or  the  fall  guy.  Either  the  CIO  stops  marketers 
from  using  data  for  purposes  some  customers  are  not  comfortable  with,  thereby 
damming  potential  revenue  streams.  Or  the  CIO  imparts  no  ethical  code  and  is  left  to 
explain  why  the  company  has  allowed  a  customer’s  data  to  be  exploited.  Similarly, 
the  CIO  can  tell  the  CEO  what  he  can  and  cannot  do  with  the  company’s  data,  thereby 
putting  his  own  job  in  jeopardy.  Or  he  can  go  along  and  run  the  risk  of  finding  him¬ 
self  culpable  for  some  misuse  of  data. 


www.cio.com  •  JULY  1.  2002  CIO  57 


Cover  Story  |  Ethics 

No  matter  what  the  situation,  ad  hoc  decision  making  on  data 
ethics  isn’t  viable  any  more.  CIOs  must  start  a  meaningful  conver¬ 
sation  about  ethics  at  their  company.  Hard  money  is  at  stake  here. 
Companies  such  as  Doubleclick  and  Qwest  Communications, 
which  were  both  forced  to  pull  back  from  controversial  plans  to 
share  customer  data  with  other  companies,  have  seen  their  stock 
prices  plummet.  Soft  money  is  at  stake  too.  Brands  such  as  Saab  Cars 
USA  stand  to  suffer  uncalculable  losses  when  customers  feel  violated. 
Data  ethics  is  not  just  a  moral  issue;  it’s  the  intersection  of  business 
and  morality.  And  if  the  CIO  doesn’t  take  the  lead,  then  someone 
else — like  the  customer  or  the  government — will. 

The  goal  here  is  to  explain  why  CIOs  need  a  code  of  ethics  when 
it  comes  to  data  management,  and  then  to  propose  such  a  code.  (See 
“The  Six  Commandments  of  Ethical  Data  Management,”  this  page.) 

Rode,  for  one,  is  all  for  it.  “I  don’t  see  ducking  the  problem  and 
blaming  it  on  marketing  or  saying  something  slipped  by  as  the 
answer,”  he  says.  “I  see  this  as  the  CIO’s  responsibility.  We  need  to 
take  ownership  of  the  problem  and  develop  some  rules.” 

Function  Creep 

Everyone  wants  Scott  Thompson’s  data.  Thompson  is  executive 
vice  president  of  Foster  City,  Calif.-based  Inovant,  the  company 
Visa  set  up  to  handle  its  technology.  Thompson’s  job  includes  the 
responsibilities  of  Visa  CIO,  the  job  from  which  he  was  promoted 
last  year.  At  Inovant,  he  stands  atop  35  billion  credit  and  debit  card 
transactions  per  year. 

Sales  and  marketing  would  love  to  drill  into  Thompson’s  data¬ 
bases.  They’d  love  to  refine  the  data  into  loyalty  programs,  target 
marketing  or  partnerships  between  Visa  and  retailers.  “There  are  lots 
of  creative  people  coming  up  with  these  ideas,”  Thompson  says. 
“This  whole  area  of  data  sharing  is  enormous  and  growing.  For 
the  marketers,  the  sky’s  the  limit.” 

But  Thompson  isn’t  playing  ball.  He  is  determined  to  prevent  an 
environmental  disaster:  the  pollution  of  the  Visa  brand  through  the 
violation  of  its  customers’  privacy.  To  share  the  data  on  what  peo¬ 
ple  spend  their  money  on,  in  what  stores,  at  what  time  of  day — all 
of  which  and  more  resides  in  Visa’s  databases — would  violate  Visa’s 
own  rules  for  acceptable  use  of  customer  data. 

Visa,  Thompson  says,  errs  on  the  side  of  caution  with  its  credit 
card  data  policy,  devised  by  Thompson  along  with  staffers  who  spe¬ 
cialize  in  privacy.  He  bars  any  use  of  it  outside  of  its  intended  pur¬ 
pose,  which  is  mainly  billing.  Keeping  the  data  off-limits,  he  fig¬ 
ures,  keeps  customers  from  choosing  MasterCard  instead. 

This  is  not  to  say  Thompson’s  not  tempted  to  share  the  data.  He 
is,  every  day.  “Every  single  day  of  the  week,  someone  outside  our 
organization  comes  to  us  and  says,  ‘If  only  we  could  use  your  data  to 


The  Six  Commandments 
of  Ethical  Data 
Management 

Electronic  data  about  customers,  partners  and 

employees  has  become  corporate  America’s  most 
valuable  asset.  But  the  line  between  the  proper  and 
improper  use  of  this  asset  is  at  best  blurry.  Should 
an  employer  be  able  to  search  employee  files  without 
employee  consent?  Should  a  company  be  able  to  sell  cus¬ 
tomer  data  without  informing  the  customer  of  its  intent? 
What  is  a  responsible  approach  to  document  deletion? 

The  law  provides  guidelines  in  many  of  those  areas,  but 
how  a  company  chooses  to  act  within  the  confines  of  the  law 
is  up  to  its  officers.  Since  CIOs  are  responsible  for  the  tech¬ 
nology  that  collects,  maintains  and  destroys  corporate  data, 
they  sit  smack  in  the  middle  of  this  ethical  quagmire.  Or  they 
ought  to.  In  an  effort  to  provide  guidelines  for  CIOs  thinking 
hard  about  ethical  data  management  (and  to  nudge  those 
who  aren’t),  we  have  developed— with  the  help  of  more  than 
100  CIOs— principles  for  ethical  data  management. 

Here’s  how  we  did  it:  We  asked  members  of  the  CIO  Best 
Practice  Exchange,  our  members-only  online  IT  executive 
forum,  to  generate  and  then  debate  a  set  of  principles  for  the 
ethical  management  of  data.  From  this  online  discussion  and 
follow-up  telephone  interviews,  we  drew  up  a  set  of  seven 
principles  to  guide  CIOs  through  the  murky  territory  of  data 
collection,  manipulation  and  destruction. 

Next,  we  put  those  seven  principles  back  into  the  Exchange 
for  a  vote.  The  six  survivors  (those  principles  that  received 
more  than  50  percent  of  member  votes)  are  listed  right. 

-Martha  Heller 


do  this  or  profile  that,  it  would  be  a  license  to  print  a  zillion  dollars 
for  Visa,”’  he  says.  “I’ve  heard  a  half-dozen  ideas  for  uses  of  this 
data  where  I  thought,  That’s  pretty  clever,  I  know  that  would  work. 
But  as  I’ve  said,  we  made  this  decision.  We’re  not  going  to  do  it.  ” 
However,  a  larger  question  remains:  Can  Thompson  guarantee — 
as  he  did  at  one  point  during  an  interview — that  some  unethical 
use  of  data  won’t  crop  up  at  Inovant  or  Visa?  Many  experts,  and 
lawyers,  think  he  cannot.  After  all,  in  a  large  majority  of  cases,  the 
unethical  use  of  data  happens  not  through  the  malicious  scheming  of 


“,l  .don’tsee  ducking  the  problem  and, blaming  iton  marketing  or  saying 
something  slipped  by.  1  see  this  as  the  CIO  s  responsibility.  -JERRY  RODE,  CIO  OF  SAAB  CARS  USA 


58  CIO  JULY  1,  2002  •  www.cio.com 


It  has  been  proposed,  and  accepted,  that... 


Data  is  a  valuable  corporate  asset  and 
should  be  managed  as  such,  like  cash, 
facilities  or  any  other  corporate  asset. 

Members  gave  unanimous  support  to  this  principle.  The 
philosophy  here  is  simple:  The  better  you  manage  your  corporate 
data,  the  more  valuable  your  corporate  asset.  Poor  management 
of  that  data  is  like  throwing  away  money. 

The  CIO  is  steward  of  corporate  data 
and  is  responsible  for  managing  it  over 
its  life  cycle— from  its  generation  to  its 
appropriate  destruction. 

While  all  voting  members  agree  that  data  is  an  asset,  only 
72  percent  want  to  be  responsible  for  the  health  of  that  asset. 

This  then  raises  the  question:  If  not  the  CIO,  then  who? 

The  CIO  is  responsible  for  controlling 
access  to  and  use  of  data,  as  determined 
by  governmental  regulation  and  corpo¬ 
rate  policy. 

According  to  73  percent  of  our  voters,  marketing,  HR  or  anyone 
else  who  wants  a  piece  of  the  corporate  jewels  must  go  through 
their  gatekeeper,  the  CIO. 

The  CIO  is  responsible  for  preventing 
the  inappropriate  destruction  of  data. 

Where  were  the  CIOs  of  Enron  and  Arthur  Andersen 
during  their  massive  data  destruction  campaigns? 
Most  companies,  on  the  advice  of  corporate  counsel,  destroy  data 
on  a  regular  basis.  But  when  the  goal  is  to  circumvent  those  policies 
and  eliminate  incriminating  evidence,  it  falls  on  the  CIO’s  shoul¬ 
ders,  according  to  69  percent  of  voters,  to  keep  that  data  safe. 


The  CIO  is  responsible  for  bringing 
technological  knowledge  to  the  devel¬ 
opment  of  data  management  practices 
and  policies. 

Top  executives  cannot  develop  an  effective  data  management 
policy  without  knowingthe  full  range  of  technical  possibilities  for 
slicing,  dicing,  collecting  and  trashing  it.  And  it  is  the  CIO  who 
owns  that  knowledge  and  must  share  with  other  members  of  the 
executive  committee,  according  to  all  but  one  of  the  voters. 

The  CIO  should  partner  with  executive 
peers  to  develop  and  execute  the  orga¬ 
nization’s  data  management  policies. 

This  statement  received  100  percent  voter  support. 

It  goes  both  ways:  A  company  that  creates  data  management 
policies  without  the  input  of  its  steward  will  wind  up  with  a  tooth¬ 
less  policy,  as  will  the  CIO  who  rules  over  data  with  an  iron  fist. 

St  has  been  proposed  and  rejected  that... 

The  CIO  is  responsible  for  maintaining  the 
accuracy  and  integrity  of  data. 

Fifty-two  percent  of  our  members  voted  this  statement  off  the 
island.  Why?  Garbage  in,  garbage  out,  members  told  us.  CIOs 
can  build  systems  that  force  users  to  conform  to  format,  but  they 
can’t  do  much  about  users  who  enter  inaccurate  information. 


Do  you  accept  THE  CIO'S  SIX  COMMANDMENTS?  Post  your  vote  and 
comments  at  www.cio.com/readerpoll .  What  guidelines  for  ethical  data 
management  have  we  missed?  E-mail  Best  Practice  Exchange  Director 
Martha  Heller  at  mheller@cio.com. 


a  rogue  marketeer  but  rather  by  inattention. 

Here’s  how:  Customer  data  is  collected  and  stored  for  some  pur¬ 
pose,  such  as  record  keeping  or  billing.  A  sales  or  marketing  pro¬ 
fessional  figures  out  another  way  to  use  it.  Or  a  partner  company 
may  ask  to  share  it.  Or  another  company  could  be  willing  to  pay 
for  it — pure  profit  that  would  be  tempting  for  any  company. 

This  is  known  as  function  creep,  and  it’s  a  serious  concern  for 
ethicists.  The  classic  example  of  function  creep  is  the  Social  Security 
number,  which  started  simply  as  a  way  to  identify  government  retire¬ 
ment  benefits  and  is  now  used  as  a  sort  of  universal  personal  ID, 
found  on  everything  from  driver’s  licenses  to  savings  accounts.  But 
the  problem  is  exacerbated  by  technology  that  makes  it  incredibly 
easy  to  repurpose  data. 


N2H2,  a  company  that  makes  Web-filtering  software,  fell  victim 
to  function  creep.  N2H2  software  is  popular  in  secondary  schools 
for  filtering  inappropriate  content.  To  do  this,  the  software  collects 
information  about  every  website  a  student  visits. 

With  all  that  data,  a  marketer  could  learn  much  about  the  stu¬ 
dents’  surfing  habits,  and  in  2000  N2H2  offered  to  sell  its  data  (in 
the  aggregate)  for  $10,000  a  month,  under  the  brand  Class  Clicks, 
through  marketing  company  Roper  Starch.  N2H2  had  two  cus¬ 
tomers — a  Web  portal  that  focused  on  education  and  the  Department 
of  Defense,  which  wanted  to  use  the  data  for  recruiting  programs. 
The  plan  was  exposed  to  the  public  after  only  a  month,  in  part  by 
the  DoD,  which  got  cold  feet  about  the  program  and  notified  pri¬ 
vacy  advocates.  After  an  ensuing  wildfire  of  publicity,  N2H2  decided 


www.cio.com 


ULY  1.  2002  CIO  59 


Cover  Story 


Ethics 


■ 


As  executive  vice  president  of  Inovant,  the  company  Visa  set  up  to  handle  its  technology, 
Scott  Thompson  errs  on  the  side  of  caution:  He  bans  the  use  of  Visa’s  customer  data  for 
anything  outside  of  its  intended  purpose,  which  is  billing. 


to  stop  offering  the  Class  Clicks  service. 

It  sounds  almost  quaint  to  say  that  data 
should  be  used  only  for  the  purpose  for  which 
it  was  collected,  and  nothing  else,  but  that  is 
conventional  ethical  wisdom,  according  to 
Chris  Hoofnagle,  legislative  counsel  at  the 
Electronic  Privacy  Information  Center  based 
in  Washington,  D.C.  “Somehow,  technology 
has  led  to  this  rogue  theory  that  acquiring  data 
about  people  gives  you  the  right  to  own  that 
data,  that  mere  collection  translates  to  owner¬ 
ship,”  Hoofnagle  says.  “But  there’s  no  theory 
of  property  that  says  that’s  OK.”  Hoofnagle 
blames  the  new  mind-set  on  the  ease  with 
which  data  is  now  collected  and  stored,  via 
database  queries  and  massive  CRM  data  ware¬ 
housing  systems. 

The  only  current  limits  to  function  creep 
seem  to  be  the  limits  of  marketing  and  sales’ 
collective  imagination.  “Marketing  organiza¬ 
tions  can  rationalize  their  way  to  the  greater 
good  to  a  point  where  it  could  blind  anyone, 
especially  a  CIO  sitting  on  the  fence  on  ethics,” 
says  Jack  Cranmer,  CIO  of  Arizona-based 
Mayo  Clinic  Scottsdale,  one  of  three  group 
^practices  that  make  up  the  Mayo  Foundation. 

In  Cranmer’s  case,  he’s  handling  sensitive 
patient  information  that  researchers  want  to 
use  for  medical  studies.  “But  if  you’re  target¬ 
ing  customers  based  on  data  you’ve  collected  for  some  other  use, 
there’s  where  you  should  start  thinking  about  ethics,”  he  says. 

Often,  by  the  time  the  CIO  finds  out  about  the  function  creep, 
or  by  the  time  it  gets  to  corporate  counsel,  the  marketing  group  is 
disseminating  the  data  already,  says  Rich  Honen,  an  attorney  at 
Albany,  N.Y.-based  Honen  and  Wood,  which  advises  corporate 
clients  on  data  ethics.  But  Honen  maintains  that  it’s  the  CIO’s 
responsibility  to  understand  and  track  the  flow  of  information  and 
maintain  an  ongoing  discussion  with  marketing  and  legal  execu¬ 
tives  about  the  ethical  use  of  the  data. 

Joel  Reidenberg,  professor  of  law  at  Fordham  University  in  New 
York  City  and  expert  on  data  privacy,  adds,  “Took,  there  isn’t  a 
single  company  today  that  doesn’t  know  where  its  money  is.  Why 
aren’t  companies  paying  attention  to  the  flow  of  information  the 
way  they  do  money?” 

cio.com _ ■ 

Is  it  up  to  the  CIO  to  start  the  conversation  about  the  ethical 
uses  of  data?  WEIGH  IN  with  your  opinion.  To  find  the  com¬ 
ment  page,  go  to  the  Web  Connections  box  at  www.cio.com. 


Whose  Data  Is  It  Anyway? 

Fast  year,  Reidenberg  received  an  offer  for  cell  phone  service  from 
AT&T  Wireless.  The  offer  revealed  that  AT&T  Wireless  had  used 
Equifax,  a  credit  reporting  agency,  to  identify  him  as  a  likely  cus¬ 
tomer.  “We  used  information  we  obtained  from  a  consumer  report¬ 
ing  agency,”  the  disclaimer  read  in  part.  This  disclosure  is  required 
by  the  Fair  Credit  Reporting  Act  (FCRA).  The  FCRA  also  requires 
Equifax  to  disclose  that  it  has  sold  a  credit  report  and  to  whom,  if 
a  consumer  asks.  Reidenberg  asked.  Equifax  told  him  it  had  sold 
his  credit  report  to  AT&T  Wireless. 

It  was  good  business.  Equifax  made  money  selling  data  it  already 
owned;  AT&T  Wireless  could  hone  its  target  market  to  get  a  better 
response  to  its  marketing  campaign. 

The  bad  part  was  that,  by  law,  credit  information  can’t  be  used 
to  sell  anything.  Reidenberg  cites  the  FCRA,  which  forbids  such 
repurposing  in  every  case  except  when  the  data  is  used  for  “a  firm 
offer  of  credit  or  insurance.”  In  other  words,  the  only  product  you 
can  sell  based  on  credit  data  is  credit. 

A  spokesman  for  Equifax  says  that  as  long  as  AT&T  Wireless  (or 
any  company  for  that  matter)  is  offering  the  cell  phone  service  on  a 
credit  basis,  such  as  allowing  the  use  of  the  service  before  the  consumer 


60  CIO  JULY  1,  2002  •  www.cio.com 


PHOTO  BY  MARKHAM  JOHNSON 


Are  your 

customer  care  capabilities  as 
integrated  as  they  could  be? 


Today,  providing  consistent  customer  care  requires  linking  all  of  your  resources. 

From  the  front  office  to  the  back  office  and  even  out  into  the  field.  Genesys  can  help. 
Join  us  for  a  free  Webinar  on  Customer  Care  Integration  and  learn  how  to 
provide  superior  customer  service  across  your  entire  enterprise.  For  more  information 
and  to  register  for  the  free  Webinar,  visit  www.genesyslabs.com/integration. 


Better  Interactions 
Better  Business. 


N  ATC#tfl  COMfAMY 


Cover  Story 


Ethics 


has  to  pay,  it  is  in  compliance  with  the  FCRA.  Since  cases  around 
unfair  marketing  based  on  credit  data  often  languish  in  court,  many 
companies  may  take  a  calculated  risk  that  they  won’t  run  into  too 
much  legal  trouble  for  using  credit  data  in  their  targeted  offers. 

Reidenberg  makes  a  distinction  between  what  is  legal  and  what 
is  ethical.  “The  average  consumer  would  have  no  idea  AT&T 
Wireless  was  violating  the  law,”  he  says.  “But  even  if — and  this  is 
highly  unlikely — even  if  the  courts  decided  after  five  years  that  this  was 
a  legitimate  use  of  customer  data,  the  customers  will  be  outraged.” 


Wisconsin  and  that  you  called  them  on  Sundays,  they  could  tailor 
a  long-distance  service  expressly  for  you.  If  they  sold  the  data  to  a 
travel  agency,  you’d  receive  solicitations  for  flights  to  Milwaukee. 

Unlike  the  AT&T  Wireless  case,  using  this  data  seems  to  be  legal. 
But  customers  didn’t  care  about  that.  When  they  discovered  Qwest’s 
plan  embedded  in  fine  print  in  a  Qwest  brochure,  they  protested 
via  the  media,  saying  it  was  an  unethical  violation  of  their  privacy. 
Qwest  offered  an  opt-out  service  whereby  consumers  could  call  or 
go  online  and  request  that  Qwest  exclude  their  personal  CPNI  data. 


“If  you’re  targeting  customers,  based  9n  data,  you’ve  collected  for  some  other  use, 

there  s  where  you  should  start  thinking  about  ethics.  -JACK  CRANMER,  CIO  OF  MAYO  CLINIC  SCOTTSDALE 


In  the  end,  customers  decide  whether  a  company  has  acted  ethi¬ 
cally,  and  very  often  a  consumer’s  notion  of  the  rules  shares  little  in 
common  with  what’s  allowed  under  law. 

Qwest  Communications,  a  telecom  company  based  in  Denver,  is 
learning  this  the  hard  way.  Earlier  this  year,  Qwest  planned  on  shar¬ 
ing  internal  customer  proprietary  network  information  (CPNI)  data 
about  its  12  million  customers  with  other  companies.  That  means 
your  phone  bill.  Whom  you  call.  How  long  you  talk.  How  much 
you  pay.  What  services  you  select.  How  often  you  use  directory  assis¬ 
tance.  Like  Visa’s  credit  card  transaction  data,  CPNI  data  is  a  tar¬ 
get  marketer’s  dream.  If  marketers  knew  you  had  relatives  in 


This  process  proved  so  difficult  that  some  privacy  advocates  accused 
Qwest  of  making  it  difficult  on  purpose,  to  keep  the  number  of  cus¬ 
tomers  who  opted  out  at  a  minimum. 

Finally,  under  unyielding  customer  pressure,  Qwest  dropped  the 
idea — for  now.  Pending  the  Federal  Communications  Commission’s 
review  of  the  rules  around  CPNI  data  later  this  year,  Qwest  has  said 
it  may  yet  use  CPNI  data  as  a  marketing  tool. 

After  several  requests  by  CIO  to  speak  to  the  CIO  and  chief  pri¬ 
vacy  officer,  a  Qwest  spokeswoman  declined  to  comment,  and  ques¬ 
tions  sent  via  e-mail  went  unanswered. 

Qwest  could  have  avoided  the  flood  of  bad  publicity  by  making 


Any  CIO  who  does  not  have  a  corporatewide  policy  in  place  governing 
the  retention  and  deletion  of  data  is  in  big  trouble 


In  general,  the  CIO’s  ethic  is  to  preserve 
data  at  all  cost.  In  the  post-Enron  era,  that 
ethos  is  running  smack  into  a  more  power¬ 
ful  corporate  urge  to  get  rid  of  any  compro¬ 
mising  data. 

“I  think,  because  of  Enron,  you’ll  see 
executives  more  focused  on  making  sure 
there’s  nothing  that  will  make  us  look  bad,” 
says  Avram  Kornberg,  CTO  of  Oppenheimer 
Funds  in  New  York  City. 

So  what’s  a  good  CIO  to  do? 

For  starters,  you  should  initiate  the 
development  of  a  clear-cut  corporate  pol¬ 
icy  that  spells  out  when  data  should  be 
preserved  and  when  it  is  appropriate  to 
delete  it,  if  only  to  save  storage  space  for 


future  data.  And  once  that  policy  is  in 
place,  the  CIO’s  responsibility  is  to  raise 
objections  if  someone  in  your  company 
asks  you  to  delete  data  in  a  way  that  does 
not  conform  to  company  policy— or  to  legal 
policy. 

“What  happens  is  a  CIO  might  get  an 
order  to  delete  something  and  he’ll  nod  and 
say  that’s  fine,  thinking  nothing  of  the 
request,  but  then  the  obscure  machinery  of 
fate  exposes  this  and  people  think  you’ve 
done  something  unethical,”  says  Colin 
Potts,  a  privacy  and  technology  expert  who 
specializes  in  ethical  issues  as  associate 
professor  of  computing  at  Georgia  Tech.  “It 
is  not  enough  to  have  good  intentions  in  IT, 


to  think  as  long  as  you’re  riot  stealing  or 
lying  you’re  ethical.  You  have  to  look  at  it 
like  engineering;  you  have  to  think  about 
the  technical  consequences  of  what  you’re 
doing.” 

This  means  CIOs  should  save  data,  not 
delete  it,  unless  there’s  an  extremely  sound 
reason  to  delete  it.  Even  then,  don't  assume 
that  data’s  deleted  in  the  true  sense  of  the 
word.  Technology  forensics  experts  can 
recover  quite  a  bit  of  deleted  data. 

“The  CIO  will  always  be  somewhat  on  the 
line  for  this,”  argues  Thomas  Bodenberg,  a 
senior  research  associate  at  The  Conference 
Board  in  New  York  City.  "He  has  the  tools.” 

-SB. 


62  CIO  JULY  1,  2002  •  www.cio.com 


PHOTO  BY  SONNY  WILLIAMS 


As  CIO  of  Saab  Cars  USA,  Jerry  Rode  realized  he  needed  a  formal  data  ethics  policy  after  an 
online  marketing  company  targeted  Saab  customers  even  though  they  had  opted  out  of 
an  e-mail  solicitation. 


the  CPNI  marketing  program  opt-in  from  the  beginning.  According 
to  privacy  advocates,  opt-in  is  the  appropriate  way  to  handle  cus¬ 
tomer  data.  Personal  data  is  untouchable  until  you,  the  consumer, 
give  us  permission  to  use  it  after  we,  the  company,  tell  you  precisely 
what  we  want  to  use  it  for. 

The  problem  is,  marketers  will  do  anything  to  avoid  opt-in  mar¬ 
keting.  Statistics  suggest  that  when  personal  data  marketing  becomes 
opt-in,  more  than  nine  out  of  10  consumers  will  decline  to  join.  If 
only  10  percent  of  the  target  market  chooses  to  participate,  the  mar¬ 
keters  are  left  with  data  that  doesn’t  tell  them  very  much. 

The  Next  Branding  Trend 

When  CIOs  do  take  a  lead  on  data  ethics,  the  results  are  positive. 
Gene  Elias,  CIO  of  Quiksilver,  a  surfwear  clothing  company  based  in 
Huntington  Beach,  Calif.,  that  targets  9-  to  15-year-old  children,  has 
taken  this  thinking  to  the  extreme.  Elias  has  prohibited  sales  and  mar¬ 
keting  from  using  any  of  the  customer  data  he  possesses — which 
amounts  to  personal  information  collected  when  people  join  mailing 
lists  or  become  members  at  the  Quiksilver  website.  He  says  the  com¬ 
pany  doesn’t  retain  credit  card  numbers  after  transactions  in  Quiksilver 
stores,  and  all  of  his  data  ethics  guidelines  pass  muster  worldwide. 

Clearly  such  limits  set  up  an  adversarial  relationship  between 
marketing,  which  stands  to  benefit  greatly  from  collecting  and  repur¬ 


posing  data,  and  the  CIO,  who  stands  to 
lose  his  reputation  over  a  privacy  flap.  “So 
far,  knock  on  wood,  marketing  understands 
when  I  tell  them  there  are  pitfalls  in  doing 
certain  things  with  data,”  says  Saab’s  Rode. 
“But  it’s  also  helped  to  offer  alternatives, 
instead  of  just  being  the  ‘no’  man.” 

One  alternative  suggested  by  Rode  that 
has  paid  back  is  an  online  service  called 
Saab-i.  Rode  makes  sure  it’s  the  ultimate 
opt-in — with  absolutely  no  use  of  data 
without  express  consent  of  the  consumers. 
In  exchange  for  agreeing  to  be  marketed  to 
and  have  their  data  used  in  aggregate  form, 
consumers  obtain  access  to  early  notifica¬ 
tion  of  Saab  promotions  and  can  get  their 
car  questions  answered.  Rode  says  member¬ 
ship  has  doubled  every  year  for  three  years. 

Both  Rode  and  Elias  believe  the  next  brand¬ 
ing  trend  in  the  United  States  will  be  trust. 
Marketing  opportunities  lost  will  be  made  up 
through  customer  loyalty.  Consumers  will 
choose  between  vendors  based  on  their 
policies  around  how  ethically  the  company 
treats  personal  information,  among  other  pri¬ 
vacy  litmus  tests.  And  CIOs,  they  say,  can  play 
a  crucial  role  in  promoting  this  trend. 

While  Rode  has  developed  formal  rules  on  how  to  manage  cus¬ 
tomer  data,  Elias  admits  that  his  are  mostly  informal.  “If  someone 
new  came  into  marketing  and  I  felt  like  they  didn’t  understand  how 
I  guard  this  data,  I  might  change  my  tune,  make  the  rules  a  little  more 
formal  because  the  relationship  is  not  there,”  he  says. 

A  Hippocratic  Oath 

It  might  work  informally  at  Quiksilver,  but  as  Mayo  Clinic’s 
Cranmer  notes,  “not  everyone  has  a  strong  sense  of  ethics.”  As  a 
result,  some  CIOs  say  there  needs  to  be  a  formal  code  of  ethics  or 
principles  that  lay  out  the  CIO’s  moral  obligations  when  it  comes 
to  data.  Such  a  doctrine  is  meant  to  help  CIOs  in  a  way  that  the 
Hippocratic  oath  guides  doctors.  The  six  commandments  we  have 
suggested  on  Page  58  address  not  only  the  issue  of  customer  data 
but  data  retention  and  deletion  as  well,  and  the  role  that  the  CIO 
should  play  in  communicating  to  the  rest  of  the  organization  why 
such  guidelines  are  crucial. 

“If  we  have  guidelines,  it  will  help  the  CIO  know  where  the  line 
is,”  says  Cranmer.  “It  would  also  allow  CIOs  to  hold  up  a  docu¬ 
ment  that  says,  ‘This  is  what  I  ascribe  to.”'  HEl 

Got  any  ethical  conundrums  you'd  like  to  share?  Let  Senior  Writer  Scott  Berinato 
know  at  sberinato@cio.com. 


www.cio.com  •  JULY  1,  2002  CIO  63 


Interview 


Wal-Mart  CIO  Kevin  Turner 


THE  I.T.  INSIDE  THE 


After  several  years  out  of  the  press  spotlight,  Wal-Mart 
reopens  its  doors  for  CIO’s  exclusive  interview  with  CIO 
Kevin  Turner,  who  shares  the  secrets  behind  Wal-Mart’s 
global  growth,  what’s  happened  since  Sept.  11  and  which 
technologies  the  retailer  is  eyeing  by  abbie  lundberg 


Wal-Mart  is  big  ■  To  understand  just  how  big,  consider  that  on  Nov.  23,  2001, 
the  40-year-old  retailer  sold  more  than  $1.25  billion  worth  of  goods  in  a  single  day.  The 
company  has  4,457  stores,  30,000  suppliers,  annual  sales  of  more  than  $217  billion — 
and  one  information  system.  According  to  CIO  Kevin  Turner,  running  centralized  IS  with 
homegrown,  common-source  code  gives  Wal-Mart  a  competitive  advantage  and  helps 
the  company  maintain  one  of  the  lowest  expense  structures  in  retail. 

Turner  stepped  into  the  top  CIO  spot  two  and  a  half  years  ago  at  age  34,  when  former 
CIO  Randy  Mott  departed  for  Dell.  Turner  had  served  as  Mott’s  second  in  command,  and 
prior  to  that  he  ran  application  development  as  Wal-Mart’s  youngest  corporate  officer 


64  CIO  JULY  1.  2002  •  www.cio.com 


PHOTOGRAPHY  BY  DAN  BRYANT 


’vKr4' 


Kevin  Turner,  Wal-Mart’s 
36-year-old  CIO,  and  his  IS 
group  built  credibility  with 
the  business  by  combining  a 
successful  track  record  and 
empathy  with  the  company's 
users  and  customers. 


Interview 


Wal-Mart  CIO  Kevin  Turner 


“In  any  development  effort,  our  IS  people  are  expected 
to  get  out  and  do  the  function  before  they  do  the 
system  specification,  design  or  change  analysis.” 

-KEVIN  TURNER 


(29  years  old).  In  1997,  Turner  became  the 
first  recipient  of  the  Sam  M.  Walton 
Entrepreneur  of  the  Year  award,  a  very 
high  honor  at  the  company.  But  when 
asked  about  his  accomplishments,  this  CIO 
talks  primarily  about  the  capabilities  and 
accomplishments  of  the  Wal-Mart  IS  team, 
the  vision  of  its  CEOs  past  and  present, 
and  how  blessed  (his  word)  he  is  to  work 
with  such  a  remarkable  group  of  people 
and  for  a  company  like  Wal-Mart. 

CIO  Editor  in  Chief  Abbie  Lundberg 
talked  with  Turner  this  spring  about  Wal- 
Mart’s  competitive  position,  IS  strategy, 
development  methodology  and  the  impor¬ 
tance  of  security  for  a  just-in-time  company 
in  a  post-9/1 1  world. 

CIO:  Wal-Mart’s  the  largest  company  in 
the  world  now.  Has  that  changed  your 
priorities? 

Kevin  Turner:  You  know,  we  don’t  talk  a 
lot  at  Wal-Mart  about  being  the  largest 
company  in  the  world.  [Founder]  Sam 
Walton  never  had  a  goal  of  being  the 
largest  company  in  the  world,  nor  did 
[previous  CEO]  David  Glass  or  [current 
CEO]  Lee  Scott.  What  we  do  talk  about  is 
being  the  best  company  in  the  world.  And 
having  something  called  the  divine  discon¬ 
tent,  which  says  that  you’ll  never  be 
satisfied  with  where  you’re  at  or  where 
you’re  going,  and  that  you  can  always 
improve.  Striving  for  excellence  is  one  of 
our  three  core  beliefs.  Sam  died  in  1992, 
and  everything  in  the  company  in  the  last 
10  years  has  changed  except  for  three 
things:  Have  respect  for  the  individual, 
practice  excellent  customer  service  and 
strive  for  excellence  in  all  that  we  do.  In 
that  third  core  belief,  which  is  very  strate¬ 
gic  for  us,  is  that  divine  discontent. 


You  also  have  three  basic  philosophies 
behind  your  IS  strategy.  Tell  us  about  that. 

The  first  philosophy  is  to  run  a  centralized 
information  system  for  our  operations  all 
over  the  world,  and  we  run  that  from 
,  Arkansas.  The  second  is  to  have  common 
systems  and  common  platforms.  The  third 
is  to  be  merchants  first  and  technologists 
second. 

Now,  along  the  way,  a  lot  of  folks  were 
not  optimistic  that  we’d  be  able  to  grow  as 
much  as  we  have  and  still  keep  our  IS 
centralized  and  running  on  common 
platforms.  But  that’s  been  one  of  the  things 
that’s  allowed  us  to  drive  our  costs  down 
and  helps  us  be  really  efficient.  Whether 
you  run  a  store  in  Bentonville,  Ark.,  or  in 
Miami,  Fla.,  or  in  Leeds,  England,  the 
processes  and  the  systems  are  generally  the 
same.  We’re  able  to  transfer  people  from 
one  store  to  the  other,  and  they’re  able  to 
pick  up  right  where  they  left  off.  We  don’t 
have  significant  downtime  or  startup  time 
in  the  transition. 

How  have  you  made  that  work,  given  your 
rate  of  global  growth  and  your  numerous 
acquisitions? 

When  we  started  down  the  path  to  become 
a  global  company,  we  were  driving  the 
systems  that  had  worked  in  the  United 
States  out  to  the  other  countries.  We  made 
a  lot  of  mistakes  doing  that,  and  there  were 
times  when  we  questioned  whether  we 
were  going  to  be  able  to  run  the  world 
centrally  from  an  IS  perspective.  What 
we’ve  come  up  with  is  a  model  of  decen¬ 
tralized  decisions  but  centralized  systems 
and  controls.  We  will  have  a  common 
system  and  a  common  platform,  but  we 
have  to  allow  a  great  deal  of  flexibility  in 
our  systems  so  that  the  people  in  those 


local  markets  can  do  their  job  in  the  best, 
most  effective  way. 

Say  you’ve  made  an  overseas  acquisition, 
and  there  is  a  system  there  that  may  or  may 
not  be  better  than  what  you’ve  got  already. 
What  are  the  steps  you  go  through  in 
evaluating  that? 

When  we  acquire  a  business,  we  start  by 
defining  success  with  the  customer.  What 
does  success  with  the  customer  look  like? 
We  haven’t  always  been  good  at  determin¬ 
ing  that,  but  we’ve  put  a  lot  of  emphasis  on 
it  in  the  last  1 8  to  24  months.  This  is 
critical  so  that  everyone  has  the  same 
definition  of  success. 

The  next  step  is  to  eliminate  before  we 
automate.  Eliminate  steps,  processes, 
reports,  keystrokes;  eliminate  any  activity 

Wal-Mart’s 
Kevin  Turner 

Title:  Executive  vice  president  and 
CIO 

IS  staff:  1,998 
Base:  Bentonville,  Ark. 

Age:  36 

Years  at  Wal-Mart:  17 

First  position  at  Wal-Mart:  Cashier 
(while  working  his  way  through 
college) 

Other  positions:  Customer  service 
manager,  store  auditor,  business 
analyst,  strategy  manager,  VP  of 
application  development,  assistant 
CIO 

Education:  B.S.  in  business  manage¬ 
ment  from  East  Central  University  in 
Ada,  Okla. 


66  CIO  JULY  1,  2002  •  www.cio.com 


Wal-Mart 
Stores  Inc. 

Headquarters:  Bentonville,  Ark. 
Revenue:  $217.8  billion  (2001) 

Employees:  1.08  million  associates 
in  the  United  States;  303,000 
internationally 

that  you  possibly  can  for  two  reasons:  One, 
you’ll  end  up  building  a  whole  lot  better 
system  that’s  easier  to  support,  and  two, 
invariably  you  will  have  a  better  solution 
that’s  more  [user]  friendly. 

Next  is  to  do  a  business  process 
overview,  where  we  physically  lay  out  what 
the  system  looks  like  from  a  business 
process  standpoint.  We  validate  that  with 
the  best  business  process  experts  in  our 
company  before  we  start  the  design.  Once 
we  get  the  system  built,  then  we  pilot  it 
with  our  best  and  toughest  customers, 
stores,  distribution  centers  and  clubs.  If  you 


pick  the  lowest  volume  store  or  easiest 
customers  to  test  with,  you  don’t  find  all  of 
the  things  that  you  need  to  find. 

That  approach  can  work  only  if  your  people 
truly  understand  the  business.  How  do  you 
make  that  happen? 

In  any  development  effort,  our  [IS]  people 
are  expected  to  get  out  and  do  the  function 
before  they  do  the  system  specification, 
design  or  change  analysis.  The  key  there  is 
to  do  the  function,  not  just  observe  it.  So 
we  actually  insert  them  into  the  business 
roles.  As  a  result,  they  come  back  with  a 
lot  more  empathy  and  a  whole  lot  better 
understanding  and  vision  of  where  we  need 
to  go  and  how  we  need  to  proceed. 

We’ve  learned  some  hard  lessons  in  our 
stores,  clubs  and  distribution  centers  when 
we  developed  something  and  people  didn’t 
use  it,  and  they  chose  to  find  other  ways  to 
get  the  job  done.  We  are  working  hard  to 
develop  systems  that  are  easy  to  use.  That 
puts  an  awesome  responsibility  on  that 
developer  to  get  out  and  understand  the 


business.  That’s  one  of  our  key  things: 

We’re  merchants  first,  technologists  second. 

ON  EXECUTION 

Getting  beyond  the  up-front  process,  how 
do  your  people  actually  execute?  Do  you 
have  principles  of  execution? 

That’s  something  we  talk  a  lot  about 
because,  as  a  company,  we’re  big  on  execu¬ 
tion.  You  can’t  name  a  great  team  that 
wasn’t  good  at  discipline.  Execution  and 
discipline  are  not  the  enemies  of  enthusiasm. 
We  have  a  very  clear  set  of  critical  success 
factors  that  every  associate  in  our  division 
has  to  live  by,  and  they  are  generally  condi¬ 
tions  of  employment.  Some  of  them  are 
complicated  and  some  of  them  are  very 
simple:  excellent  customer  service,  testing 
and  validation  before  you  roll  it  out,  balance 
and  controls,  payback  and  ROI.  All  new  [IS] 
associates  are  indoctrinated  into  that  set  of 
disciplines,  and  all  associates  review  it  at 
least  on  an  annual  basis.  The  disciplines  are 
the  same  for  everybody  regardless  of  what 
team  you’re  on — infrastructure  or  develop¬ 
ment  or  help  desk. 

How  do  you  recognize  failure  of 
execution? 

Well,  there  are  a  lot  of  ways  to 
recognize  failure,  such  as  if  a  project 
is  missing  end  dates.  We  don’t  call 
them  completion  or  target  dates;  we 
call  them  end  dates  because  every¬ 
body  should  have  the  same  definition 
of  end  date.  We  track  projects  against 
the  end  date  and  surface  those  things 
that  are  behind  or  in  trouble.  The 
second  indicator  comes  from  on-the- 
job  reviewing  and  listening.  I  and 
others  who  are  not  on  the  project 
team  go  out  where  these  new  systems 
are  deployed  and  talk  to  the  people 
doing  the  work.  We  ask  them  how  it’s 
going,  how  things  are  working,  what 
they’d  like  to  see  different.  That’s 
where  you  really  surface  feedback 
that  can  help  project  teams  get  even 
better. 

Sometimes  we  have  to  make 


These  members  of  the  IS  senior  leadership  team  have  also  worked  at  Wal-Mart  as  sales  clerks, 
store  managers  and  assistant  store  managers,  internal  auditors  and  merchandise  buyers. 
Clockwise  from  top  left,  they  are  David  Porter,  Tony  Puckett,  Ken  Gish,  Carol  Mosely,  Dan  Phillips 
and  Linda  Dillman. 


www.cio.com  •  JULY  1,  2002  CIO  67 


Interview 


Wal-Mart  CIO  Kevin  Turner 


“Technology  at  this  point  is  simply  a  means  to  an  end. 
What  is  really  strategic  is  the  use  of  the  information 
and  how  we  exploit  and  maximize  it.”  kev  n  turner 


management  changes  to  bring  a  project 
across  the  finish  line.  It’s  hard  because  no 
one  wants  to  give  up  on  a  person  or  a  team 
that’s  struggling.  But  there  are  times  when 
the  right  thing  to  do  for  everyone  involved 
is  to  change  the  quarterback  and  put 
somebody  else  on  the  team. 

ON  COMING  TECHNOLOGIES 

What  do  you  see  coming  in  retail  technol¬ 
ogy  in  the  next  five  years? 

I’m  excited  about  the  future.  There  will  be 

i 

some  great  opportunities  in  storage.  We 
will  have  ubiquitous  storage  within  the 
next  three  years  that  will  help  us  truly  drive 
anywhere-anytime-anything  computing, 
which  is  very  important  for  our  business.  I 
think  that  wireless  will  continue  to  be 
exploited,  and  at  some  point  our  customers 
will  walk  into  one  of  our  stores  or  a  Sam’s 
Club  and  use  their  own  device  on  our 
network  to  accomplish  whatever  they 
want.  We’re  in  the  process  of  building  an 
infrastructure  that  will  enable  that. 

Radio  frequency  identification  is  also 
exciting,  and  we’re  working  with  MIT  on 
the  development  of  “cheap  chips.”  I  think 
that  you  will  see  cheap  chips  replace  bar 
codes  over  time,  and  we’ll  be  able  to 
intelligently  drive  the  supply  chain  through 
what’s  on  the  shelf  and  what’s  in  the  back 
without  our  associates  having  to  verify  it. 

Voice  over  IP  will  certainly  take  off  and 
will  lower  costs  and  help  us  all  from  an 
infrastructure  standpoint.  We  all  know 
what  it’s  like  today  when  an  associate 
moves  or  transfers  and  you  have  to  change 
the  phones.  They’ll  simply  be  able  to  take 
the  phone  with  them,  plug  it  back  in,  and 
everything  will  be  working  without  any 
systemic  changes. 

I  think  voice  recognition’s  time  will  come 
in  the  next  three  years.  We  have  not 


scratched  the  surface  with  this  technology 
in  retail  and  certainly  not  yet  at  Wal-Mart. 
We  are  using  some  voice  recognition 
technology  in  our  distribution  centers,  but  I 
think  you  will  continue  to  see  more  and 
more  areas  where  it’s  exploited,  and  it  will 
eliminate  the  need  for  some  of  the  mobile 
computing  we  do  in  our  stores,  clubs  and 
distribution  centers  today. 

What  about  the  future  of  your  custom 
applications? 

From  a  development  standpoint,  I  think  the 
biggest  opportunity  we  have  is  leveraging 
information.  In  the  future,  we  should 
actually  be  simulating  our  business  with  an 
inductive  model  versus  a  deductive  model 
to  determine  our  opportunities  to  maximize 
sales  before  the  actual  event  occurs.  An 
example  would  be,  say,  that  we  start 
running  Easter  [simulations]  in  December 
so  that  we  can  better  prepare  and  know 
what  the  Easter  business  will  look  like. 
We’re  really  excited  about  the  potential  for 
predictive  information  and  simulation. 

We’ve  also  got  a  strategic  initiative  going 
on  with  self-service.  We  are  working  to 
provide  self-service  technology  for  our 
associates,  prospective  associates,  cus¬ 
tomers  and  members,  and  to  eliminate 
paper  and  paper  forms.  Having  an  associ¬ 
ate  portal  and  devices  on  our  sales  floors 
will  let  customers  and  members  get  product 
information,  and  let  us  do  computer- 
assisted  selling. 

What  is  your  process  for  evaluating  new 
technologies? 

We  leverage  a  lot  of  different  fronts.  We’re 
plugged  into  the  research  and  development 
labs  of  all  of  our  key  suppliers,  whether  it 
be  Cisco,  IBM,  NCR,  AT&T  or  HP.  We 
spend  a  lot  of  time  in  Bell  Labs,  research 


centers  and  other  places  helping  influence 
where  we  might  go  in  the  future. 

We  also  have  a  team  of  folks  that  helps 
us  do  proof  of  concept  and  pilot  key 
technologies  that  could  be  coming  in  the 
future.  We  need  to  look  at  the  technology 
in  a  pilot  environment  so  we  can  really 
understand  its  ramifications  or  benefits. 

And  everybody  is  expected  to  be  an 
expert  in  the  industry  or  business  that 
they’re  in,  and  we  rely  on  them  to  make 
sure  that  we  hear  about  all  the  ideas  that 
come  together,  especially  those  that  come 
from  the  people  who  actually  do  the  work. 

How  do  you  do  that?  Say  somebody  in  the 
IS  group  somewhere  has  an  idea  for 
something.  How  does  it  get  to  you? 

Just  walk  up  and  tell  me.  It’s  a  very  open 
environment.  As  an  example,  we  will  have 
training  sessions  or  grassroots  sessions  with 
key  [internal]  customers  where  we  break 
down  their  area  to  see  what  we  can  do 
better  and  how  we  can  do  it.  We’re  proac¬ 
tively  looking  for  those  things  that  can  help 
us  change  our  company.  And  when  you  get 
proactive,  you  can  play  offense  as  opposed 
to  defense  where  you’re  reacting  to  a  set  of 
issues.  Proactively  driving  a  set  of  strategies 
or  driving  a  set  of  new  initiatives  helps  get 
those  customers  on  your  side.  They  believe 
that  they  are  part  of  the  process  and  that 
you  are  there  to  help. 

ON  SECURITY  AND  DATA  MANAGEMENT 

Wal-Mart  has  built  the  company  in  large 
part  on  its  efficient  supply  chain  and 
inventory  management.  All  of  that  is  driven 
by,  and  dependent  on,  the  flow  of  informa¬ 
tion.  Because  of  the  potential  impact  of  an 
event  like  Sept.  11  on  this  flow,  are  you 
doing  anything  differently  in  business 
continuity  planning  or  disaster  recovery? 


68  CIO  JULY  1,  2002  •  www.cio.com 


When  nearly  half  of  the  Fortune  1000 
count  on  you,  a  pattern  starts  to  emerge. 

When  leading  businesses  need  a  wireless  partner  to  keep  things  moving,  they  turn  to  us.  That's  why  we've 
emerged  as  the  number  one  wireless  carrier  for  business  data  users.  With  Cingular,  you  get  everything  from 
business  calling  plans  and  corporate  email  to  interactive  messaging  and  CRM  solutions -all  built  around  your 
company's  specific  needs  and  goals.  Maybe  it's  time  you  noticed  the  shape  business  is  taking  to  express  itself. 

To  see  how  we  can  build  a  wireless  solution  around  you,  give  us  a  call  at  1-866-446-7599  or  visit  us  at 
www.cingular/business.com.  Also,  feel  free  to  download  our  "orange"  paper,  Executive  Guide  to  Enterprise- 
Wide  Wireless  Data  Strategies,  when  you  visit  our  website. 


X  cingular 

WIRELESS 

What  do  you  have  to  say? 


Cingular  Wireless.  "What  do  you  have  to  say?"  and  the  graphic  icon  are  Service  Marks  of  Cingular  Wreless  LLC.  ©2002  Cingular  Wreless  LLC.  Fortune  is  registered  trademark  of  Time,  Inc.  Photos  used  with  permission  of  the  NYSE. 


Interview  |  Wal-Mart  CIO  Kevin  Turner 

“Transformational  ideas  don’t  find  you;  you  need  to  go 
out  and  find  them.”  -kevin  turner 


Unfortunately,  we  are  doing  things  differ¬ 
ently  as  a  result  of  Sept.  11,  and  I  say 
unfortunately  because  we’re  investing  a  lot 
of  money,  resources  and  time  in  security, 
privacy  and  similar  activities.  Things  that 
were  once  objectives  and  goals  are  now  a 
way  of  life.  That’s  really  the  transition 
that’s  happened  for  us  since  9/11.  We’re 
going  to  be  burdened  with  it  for  quite  some 
time.  I’d  really  like  to  see  our  technology 
vendors  step  up  and  help  us  with  these 
vulnerabilities  because  the  money  that 
we’re  pouring  into  security  right  now  is 
being  pulled  away  from  development  and 
strategic  things  that  we  could  be  investing 
in.  A  lot  of  the  vulnerabilities  that  we  deal 
with  are  preventable  and  could  be  avoided 
if  the  technology  vendors  would  get 
proactive  and  do  the  due  diligence  to 
tighten  up  their  products. 

In  security,  companies  typically  spend 
maybe  20  percent  on  prevention  and  80 
percent  on  recovery  or  dealing  with  prob¬ 
lems  after  the  fact.  Have  you  shifted  the 
amount  you  spend  into  prevention? 

I’d  say  we’re  spending  80  percent  on 
prevention  right  now.  Necessity  is  the 
mother  of  invention,  and  we’ve  invested  a 
lot  of  knowledge  and  capital  in  intrusion 
detection  and  playing  as  much  offense  as 
we  can  to  make  sure  that  we’re  protecting 
our  company.  Personally,  every  day  I  spend 
time  on  security. 

With  the  Enron  and  Wall  Street  scandals, 
we’ve  seen  how  important  it  is  to  know  how 
the  data  that’s  driving  the  company  is  being 
handled,  managed 
and  monitored.  How 
do  you  treat  this 
responsibility? 

My  job  as  the  chief 
information  officer  for 


Wal-Mart  is  to  bring  visibility  to  all  of  our 
information,  to  eliminate  the  blind  spots,  to 
not  wait  to  be  asked  to  develop  controls 
and  balances  but  to  be  the  champion  for 
the  information.  In  the  last  10  years,  the 
driver  of  change  has  transitioned  from 
technology  to  information.  Technology  at 
this  point  is  simply  a  means  to  an  end. 
What  is  really  strategic  is  the  use  of  the 
information  and  how  we  exploit  and 
maximize  it.  We’re  in  a  business  that 
competes  at  the  speed  of  information,  and 
my  job  is  to  ensure  we  present  it  in  such  a 
way  that  we  use  it  to  drive  execution  and 
improvements  in  our  business. 

ON  THE  CHANGING  CIO  ROLE 

You  see  the  CIO  as  champion  of  informa¬ 
tion  now.  In  what  ways  has  the  role  of  the 
CIO  shifted? 

I  think  the  role  is  changing  quite  signifi¬ 
cantly.  Someone  once  said  if  we  do  every¬ 
thing  perfectly  in  our  profession,  we  would 
still  get  a  B-  grade.  You  can  do  one  of  two 
things  with  that.  You  can  let  it  eat  you  up, 
and  deem  yourself  unappreciated,  or  you 
can  decide  to  better  that  and  become  a 
strategic  element  in  your  company.  This 
idea  of  being  more  transformational  is 
about  making  sure  you  identify  those 
things  that  are  truly  transformational  and 
put  your  effort  and  resources  behind  them. 
That’s  the  shift  happening  with  CIOs,  and 
my  role  is  to  be  more  strategic,  more 
plugged  in  to  the  big  ideas  that  can  change 
our  company.  And  by  the  way,  those  ideas 
don’t  find  you;  you  need  to  go  out  and  find 
them.  That’s  something  Lee  Scott  has  really 
pushed  home  to  me — that  I’ve 
got  to  -be  more  proactive 
in  seeking  out  those  trans¬ 
formational  ideas  so  that  we 
can  widen  our  gap  over  our 
competition. 


You’re  fortunate  to  have  a  CEO  who  is 
pushing  that  transformation  agenda  from 
the  top.  What  about  CIOs  who  can’t  get 
transformation  on  the  agenda? 

The  key  is  credibility.  Our  formula  for 
credibility  is  track  record  plus  empathy 
equals  credibility.  That  begins  and  ends 
with  learning  and  understanding  the 
business  you’re  in,  where  it’s  going  and 
how  it’s  going  to  get  there.  And  then  you 
bring  forth  those  things  in  IT  that  can 
change  the  world. 

Of  course,  the  infrastructure  today  has 
to  work  like  a  light  switch.  People  really 
don’t  want  to  know  how  it  works,  they  just 
want  to  know  that  it  works  every  time,  and 
that  it’s  fast,  reliable  and  scaleable.  This  is 
required  in  order  to  establish  the  credibility 
that  is  key  to  getting  the  opportunity  to 
change  your  company. 

For  the  CIO’s  responsibilities  going  for¬ 
ward,  what  percent  is  technology  versus 
business  strategy? 

Ideally  support  and  infrastructure  are  zero 
to  1  percent,  but  that’s  not  the  case.  There 
are  times  when  that’s  a  lot  of  what  we’re 
doing.  Obviously  strategy  and  business 
learning  have  to  dominate  over  half  of  your 
time.  The  other  half  should  be  dominated 
by  the  people  that  make  us  successful.  One 
of  the  things  that  I’ve  learned  at  Wal-Mart 
is  it’s  not  the  people  that  I  work  for  that 
determine  whether  I  am  successful  or  not,  it 
is  largely  the  people  that  I  get  to  work 
with.  It’s  really  important  that  you  involve 
them,  that  you  help  them,  that  you  give 
them  the  time  to  get  out  and  learn  the 
business  and  hold  them  accountable  for 
that.  Typically  they’ll  exceed  your  expecta¬ 
tions  every  time.  E3EI 


What  do  you  think  of  Wal-Mart’s  IT  strategy?  Tell 
Editor  in  Chief  Abbie  Lundberg  at  lundberg@cio.com. 


cio.com 

Read  more  about 

RETAIL  TECHNOLOGY  at 

www.cio.com/printlinks. 


70  CIO  JULY  1,  2002  •  www.cio.com 


SOMEDAY 

TOMORROW. 

EVENTUALLY 

THREE  OF  THE  WORST  TIMES  TO  START  PLANNING 
YOUR  BUSINESS  CONTINUANCE. 


Business  Continuity  Solutions 

Nothing  gives  you  more  peace  of  mind  than  knowing  your 
business  is  already  prepared  to  handle  anything.  To  find  out  how 
ready  you  are  for  the  future,  take  our  Vulnerability  Assessment 
Test  today.  It's  the  quickest  way  to  put  your  mind  at  ease. 


Computer  Associates™ 


TAKE  OUR  FREE  VULNERABILITY  ASSESSMENT  TEST  AT  CA.COM  /  FREETEST 


HELLO  TOMORROW™  WE  ARE  COMPUTER  ASSOCIATES  THE  SOFTWARE  THAT  MANAGES  eBUSINESS™ 


©2002  Computer  Associates  International,  Inc.  (CA).  All  trademarks,  trade  names,  service  marks  and  logos  referenced  herein  belong  to  their  respective  companies. 


Startup  Strategies 


Like  everyone  else  in  the  airline  industry,  JetBlue  Airways  saw 

business  drop  in  the  aftermath  of  September  1 1 — the  day  the  startup  was 
scheduled  to  unveil  its  initial  public  offering.  But  unlike  most  others,  JetBlue 
rebounded  by  year’s  end  and  continued  to  climb. 

The  low-cost  carrier’s  income  statement  flew  against  travel  industry  trends. 
JetBlue  posted  a  profit  of  $38.5  million  on  $320.4  million  in  revenue  in  2001, 
a  year  in  which  the  U.S.  airline  industry  lost  $7.7  billion.  In  the  first  quarter 
of  2002,  the  company  registered  a  $13  million  profit  on  $133.4  million  in 


JetBlue  Airways 
use  IT  as  the 
backbone  of 
their  “high-tech, 
high-touch”  startup. 
Can  you  say,  “last- 
mover  advantage”? 

BY  STEPHANIE  OVERBY 


revenue  when  major  airlines  lost  another  $2.4  billion.  JetBlue  kept  on  hiring 
employees,  continued  to  buy  jets  and  upped  its  IT  investments. 

And  seven  months  after  the  scrapped  IPO  announcement,  JetBlue  went  pub¬ 
lic  on  April  12,  2002,  posting  67  percent  gains  in  the  first  day  of  trading — 
the  best  performing  stock  debut  on  Wall  Street  in  more  than  a  year. 

So  how  has  this  startup  airline  managed  to  take  off  when  some  of  the  indus¬ 
try’s  biggest  names  have  struggled  to  stay  aloft?  What  makes  JetBlue  grow  in 
a  field  where  more  than  100  new  ventures  have  failed  since  deregulation  in 
1978?  And  how  can  it  manage  its  future  in  an  industry  characterized  by  low 
profit  margins  and  high  fixed  costs,  in  which  a  minor  revenue  shortfall  can 
have  a  disproportionately  major  effect  on  finance  (the  four-day  shutdown  after 
9/11  providing  the  most  extreme  example)? 

Call  it  starting  with  a  fresh  canvas.  Call  it  last- 
mover  advantage.  And  call  IT  central  to  the  plot. 

JetBlue,  started  four  years  ago  by  a  duo 
of  airline  industry  veterans  who  amassed 
$160  million  in  capital,  began  with  a  simple 


Reader  ROI 

►  See  how  IT  drives  a 
startup  company  in  a 
mature  industry 

►  Explore  what  you  can  do 
with  a  clean  IT  slate 


7  2  CIO 


JULY  1,  2002  •  vjww.cio.com 


PHOTO  BY  ANDREW  KIST 


f 1 

'■■■:  , 

.  v.;  -  !>• 


lH 


JetBlue  Airways  President 
Dave  Barger  (right)  says 
he  and  CIO  Jeff  Cohen 
have  an  ongoing  brainstorming 
session  about  IT  projects 
that  will  improve  existing 
business  processes. 


Startup  Strategies 


plan  to  offer  high-end  customer  service  at 
low-end  prices  (averaging  $99  each  way). 
So  while  passenger-facing  elements  empha¬ 
size  service  and  comfort — JetBlue  boasted  a 
new  fleet  of  Airbus  A320  planes  with  all¬ 
leather  upholstery  and  seat-back  TVs  when 
it  first  flew  in  2000 — executives  have 
invested  heavily  in  automation,  from  ticket 
sales  that  stress  direct-sale  Web  purchases 
to  electronic  tagging  on  bags. 

“They’ve  redefined  what  is  expected  of  a 
startup  airline,”  says  Stuart  Klaskin,  a  Coral 
Gables,  Fla. -based  aviation  consultant. 
“They  said,  Let’s  completely  wipe  the  slate 
clean.  And  from  a  technology  standpoint 
and  a  customer  service  standpoint,  they  have 
done  things  that  most  other  people  in  the 
airline  industry  have  only  thought  about.” 

So  far,  that  combination  of  being  a  late 
arriver  and  early  adopter  is  serving  JetBlue 
well.  The  airline  operates  at  70  percent  of 
the  cost  of  the  biggest  carriers,  while  flying 
significantly  fuller  planes.  It  remains  a 
nonunion  shop.  JetBlue  also  sees  half  of  its 
customers  return  to  fly  again;  and  20  percent 
of  passengers  make  up  50  percent  of  the 
airline’s  revenue.  And  there’s  that  matter  of 
profits. 

A  Blue-Sky  Idea 

David  Neeleman,  CEO  of  JetBlue,  would 
have  started  this  new  venture  earlier  if  he 
could  have.  He’d  done  it  before. 

In  1984,  Neeleman  cofounded  Morris 
Air,  a  Salt  Lake  City-based  airline  that 
became  the  first  to  offer  ticketless  travel,  a 
program  developed  in-house.  In  1993, 
Morris  Air  was  snapped  up  for  $130  mil¬ 
lion  by  low-cost  leader  Southwest  Airlines, 
which  picked  up  the  e-ticket  tack  and 
brought  Neeleman  on  board  as  an  execu¬ 
tive  planning  committee  member.  But  he 
lasted  just  six  months,  frustrated,  he  says, 
by  the  lack  of  automation  there.  “When  I 
got  to  Southwest,  you  couldn’t  even  make 
a  reservation  on  the  phone.  You  were 
instructed  to  go  to  the  airport  to  buy  your 
ticket,”  Neeleman  says.  “And  they  were  still 
using  the  old  mainframe  system  they  had 
inherited  from  Braniff.”  When  he  left  the 


JetBlue’s  Top  10 

The  IT  investments  that  the  airline  bet  on 


MICROSOFT  EXCHANGE  2000 

Implemented:  Feb.  2000 

Cost:  $300,000 

Description:  E-mail  server 

Benefit:  No  specific  cost  savings  cited; 

part  of  standardization  on  Microsoft 

products 

DASH  GROUP  MAINTENANCE 
SYSTEM 

Implemented:  Oct.  1999 
Cost:  $120,000 

Description:  Software  to  log  all  airplane 
parts  and  their  time  cycles 
Benefit:  Electronic  system  for  tracking 
parts;  trims  manual  tracking  costs 

BEST  SOFTWARE  HR/PAYROLL 
SOFTWARE 

Implemented:  Nov.  1999 

Cost:  $150,000 

Description:  Enterprise  human 

resources  software 

Benefit:  Consolidates  several  JetBlue 

pay  schedules  into  one  system 

BORNEMANN  ASSOCIATES 
FLIGHT  PLANNING  SYSTEM 

Implemented:  Dec.  1999 
Cost:  $120, 000/year 
Description:  Software  that  handles  all 
flight  planning  for  JetBlue 
Benefit:  Drives  down  costs;  makes 
operations  more  efficient 

AVIATION  TRAINING 
MANAGEMENT  SYSTEM 

Implemented:  Dec.  1999 

Cost:  $90,000  plus  $45,000  for 

customization 

Description:  Database  tracks  employee 
training  records 


Benefit:  Electronic  record-keeping 
cuts  costs  and  improves  efficiency 

JETBLUE.COM  WEBSITE 

Implemented:  Jan.  2000 
Cost:  $450,000  plus  internal  develop¬ 
ment  costs 

Description:  Public  website 
Benefit:  Online  sales  expected  to  top 
$400  million  in  2002 

OPEN  SKIES  RESERVATION  SYSTEM 

Implemented:  Jan.  2000 
Cost:  Approximately  $100, 000/month 
Description:  Airline  reservation  and 
accounting  system 

Benefit:  Important  for  customer  service 
and  sales  tracking 

PAPERLESS  COCKPIT 

Implemented:  Jan.  2000 

Cost:  $100,000  (internal  development) 

Description:  Pilot  laptops 

Benefit:  Keeps  pilot  manuals  updated 

(FAA  regulated)  while  saving  hundreds 

of  thousands  on  printing  costs 

INTRANET 

Implemented:  Oct.  2000 

Cost:  $200,000  (internal  development) 

Description:  Intranet 

Benefit:  Connects  2,100  employees 

MICROSOFT  SHAREPOINT  PORTAL 

Implemented:  Nov.  2000 
Cost:  Acquired  via  Microsoft  develop¬ 
ment  partners  program  and  $250,000 
in  enhancements 

Description:  Portal  for  flight  manual 
updates;  supports  paperless  cockpit 
Benefit:  Allows  electronic  changes  to 
flight  manuals  every  few  days 


Dallas-based  airline,  then-CEO  Herb 
Kelleher  asked  him  to  sign  a  five-year  non¬ 
compete  agreement. 

While  at  Morris  Air,  Neeleman  had 
worked  with  college  student  David  Evans 
to  develop  a  unified  accounting  and  reser¬ 
vations  system.  When  he  left  Southwest,  he 
and  Evans  decided  to  create  a  company  to 
sell  the  system  to  small  and  midsize  airlines. 


Unlike  most  other  reservation  systems,  it 
integrated  electronic  ticketing,  Internet 
booking  and  revenue  management  tools, 
and  generated  timely  operational  and  finan¬ 
cial  reports.  The  company,  Open  Skies,  pro¬ 
vided  systems  for  the  likes  of  Westjet  and 
former  British  Airways’  low-fare  subsidiary 
Go  Fly.  All  the  while,  Neeleman  was  devel¬ 
oping  his  next  blue-sky  idea  for  a  new  low- 


74  CIO  JULY  1,  2002  •  www.cio.com 


Finally, 


a  grown-up  server 


for  Windows? 


® 


Systems  Integration 


Outsourcing 


Infrastructure 


Server  Technology. 


i tks  ot  Intel  Corporation 

ivs  are  either  registered 
tes  and/or  other  countries 


Consulting 


Scaling  up  to  a  server  for  mission-critical  J 
applications  that’s  stable,  easy  to 
manage  and  delivers  enterprise-class^ 
performance.  All  in  a  server  that  maximize 
the  benefits  of  your  enterprise  operations. 


Done: 

Unisys  has  made  it  all  real  with  our  ES7000 
server.  It  harnesses  32  Intel®  Xeon™  Processors 
for  scalability  and  grown-up  enterprise-class 
performance.  Unisys  has  created  a  server 
with  advanced  systems  management  for  less 
babysitting  and  rock-solid  reliability  running 
Microsoft®  Windows®  2000  Datacenter  Server 
software.  It  all  adds  up  to  reduced 
total  cost  of  ownership  and  a  mature  server 
environment  to  simplify  your  operations. 


Server  Technology  with  precision  thinking,  | m 
relentless  execution  to  drive  your  vision  forward 


6 

s> 

XI 

EON 

Startup  Strategies 


6.98  cents 


10.14  cents 


8.4  percent 


(-8.7  percent) 


84.5  percent 


77.4  percent 


Mishandled  bags 


passengers 


4.55  per  1,000  passengers 


Customer  complaints 


1.06  per  100,000  boardings 


2.11  per  100,000  boardings 


JetBlue  vs.  Airline  Industry  2001 


Cost  per  available  seat  mile 
Operating  margin  in  2001 
Load  factor 
On-time  record 


78  percent 


71.3  percent 


Sources:  Air  Transport  Association,  U.S.  Department  of  Transportation,  JetBlue  Airways,  The  New  York  Times 


■  They  avoid  travel  agents  (average  cost: 
$14  per  ticket).  So  they  set  up  reservations 
agents  in  Utah,  where  work-at-home  opera¬ 
tors  use  voice  over  IP  (VoIP)  lines  (average 
cost:  $4.50  per  ticket).  There’s  also  a  big 
Internet  reservations  push  on  JetBlue.com 
(50  cents  per  ticket).  And,  of  course,  all  tick¬ 
etless  travel. 

■  They  created  the  industry’s  first  paper¬ 
less  cockpit,  equipping  pilots  and  first  officers 
with  laptops  to  access  electronic  flight  man¬ 
uals  and  make  pre-flight  load  and  balance 
calculations. 

“If  we  didn’t  have  this,  it  would  delay  us  15 
or  20  minutes,  at  least,”  says  Kevin  Carney, 
a  JetBlue  first  officer  typing  away  on  his  HP 
laptop  before  a  recent  Friday  afternoon  flight 
to  Fort  Lauderdale,  Fla.  “I  used  to  work  at 
US  Airways,  and  they  didn’t  have  anything 
like  this.  None  of  the  airlines  do.” 

Overall,  the  plan  was  to  create  a  cost  struc¬ 
ture  that  could  support  low  fares  without 
doing  it  on  the  backs  of  labor  or  sacrificing 
service.  “You  can  be  efficient  and  effective 
and  deliver  a  great  experience  at  the  same 
time,”  says  Neeleman.  The  trickiest  thing 
during  the  incubation  period,  he  says,  was 
thinking  up  the  name — JetBlue — which  in  the 
end  Neeleman  thought  just  sounded  cool. 
And  don’t  forget  about  finding  the  right  per¬ 
son  to  help  him  and  Barger  computerize  every 
aspect  of  the  airline,  which  was  scheduled  to 
launch  in  February  2000. 


A  New  CIO’s  Clean  Slate 

Jeff  Cohen  joined  JetBlue  as  a  consultant  on 
Jan.  3,  2000,  just  a  month 
before  the  airline  was  sched¬ 
uled  to  take  its  inaugural 
flight.  Hired  to  help  with 
the  FAA  certification  of 
JetBlue  as  an  airline,  Cohen 
also  helped  to  stabilize  the 
network  to  get  it  ready  for 
the  big  Internet  reservations 
push.  After  three  months, 
Neeleman  and  Barger  asked 
Cohen  to  sign  on  full-time 
as  the  company’s  first  CIO. 
“It  was,  ‘Enter,  stage 


since  People  Express  hit  the  skids  in  1986. 

Neeleman  then  hired  Dave  Barger,  who 
led  a  turnaround  at  Continental  Airlines,  as 
president  and  COO,  and  began  to  build 
what  he  saw  as  a  “high-tech,  high-touch” 
airline:  all  new  airplanes  of  a  single  body  type 
(more  costly  to  purchase  but  easier  to  main¬ 
tain),  paperless  business  processes  (whether 
it’s  at  headquarter  offices  in  Kew  Gardens, 
N.Y.,  or  in  the  pilot’s  cockpit)  to  save  both 
time  and  money,  and  enthusiastic  employees 
to  deliver  good  service.  “What  they  set  out  to 
do  was  take  the  21st  century  electronic  busi¬ 
ness  model  and  apply  it  to  aviation,” 
explains  John  Kasarda,  an  airline  industry 
expert  at  the  University  of  North 
Carolina’s  Kenan-Flagler  Business 
School.  “They  took  what  was  cutting 
edge  in  terms  of  digital  business  and 
translated  it  to  aviation.  It  was  surpris¬ 
ing  somebody  hadn’t  done  it  sooner.” 

Neeleman  and  Barger  made  a  series 
of  decisions  to  simplify  the  business 
and  take  advantage  of  their  IT  bent. 

■  They  developed  plans  for  point- 
to-point  service  in  high-volume  corri¬ 
dors  (New  York  to  South  Florida, 
Seattle  and  L.A.-Long  Beach,  for  exam¬ 
ple),  thus  avoiding  the  costs  and  busi¬ 
ness  process  complications  associated 
with  the  hub-and-spoke  system  that 
major  airlines  use  to  reach  all  markets. 
“We  didn’t  want  to  be  all  things  to  all 
people.  We  wanted  to  go  where  we 
could  make  money,”  Neeleman  says. 
So  no  flights  to  Chicago  yet. 


JETBLUE 


AVERAGE 


cost,  low-price  air  carrier.  “We  tested  a  lot 
of  technologies  during  that  time,”  Neeleman 
says.  “Open  Skies  became  a  great  test  labo¬ 
ratory  for  JetBlue.” 

When  his  noncompete  pact  with 
Southwest  expired  in  1998,  Neeleman  sold 
Open  Skies  to  Hewlett-Packard  for  an 
undisclosed  amount  and  began  working  on 
the  launch  of  his  new  company.  He  raised 
capital  from  five  previous  investors  in 
Morris  Air  and  landed  investor  George 
Soros  to  boot.  Neeleman  decided  to  base  the 
new  airline  in  New  York  City — John  F. 
Kennedy  International  Airport,  to  be 
exact — which  hadn’t  seen  a  low-cost  carrier 


0 

JetBlue  Airways  CEO  David 
Neeleman  founded  a  company 
after  the  Internet  wave  crested— 
and  used  IT  to  turn  his  late 
entry  into  an  industry  innovator. 


76  CIO  JULY  1,  2002  •  www.cio.com 


PHOTO  COURTESY  OF  JETBLUE  AIRWAYS/MARK  GREENBER 


The  JetBlue  Experience 

A  passenger  s-eye  view  of  the  airline's  IT-driven  strategy 

TO  BUY  A  TICKET,  you  call  JetBlue's  toll-free  reservations  number,  where  you’re 
connected  to  a  reservations  agent  working  from  home  on  a  voice  over  IP  line,  or 
you  can  log  on  to  JetBlue's  website— both  money  savers  for  the  air  carrier. 

When  you  check  in  at  John  F.  Kennedy  International  Airport’s  Terminal  6,  a  voice 
emanating  from  a  large,  flat-panel  LCD  tells  you  window  17  is  open.  You  check  in  and 
hand  over  your  bags  in  about  45  seconds,  noting  that  the  man  behind  the  counter  is 
not  furiously  typing  for  five  minutes  just  to  find  you  an  aisle  seat  over  the  wing. 

After  being  screened  at  security,  you  find  another  large  computer  screen  at  the 
center  of  the  round  terminal,  where  a  Windows-based  program  tracks  all  of  this 
airline’s  flights  and  weather  conditions  on  a  map  in  real-time.  Onboard  the  new 
Airbus  A320,  you  note  the  pilot  in  his  “paperless  cockpit"  typing  away  on  a  laptop  to 
adjust  the  flight  plan  for  current  weather  conditions.  A  small  TV  screen  also  resides 
in  the  cockpit;  it’s  connected  to  hidden  cameras  so  that  pilots  can  keep  an  eye  on 
activity  in  the  cabin  for  security  purposes. 

You  settle  into  your  leather  seat.  A  voice  comes  over  the  PA  system.  “Hi,  my 
name  is  David  Neeleman.  I’m  the  CEO,”  says  the  tall,  gray-haired  man  at  the  front 
of  the  cabin,  who  makes  this  trek  once  a  week.  “We  fly  10  flights  a  day  to  Fort 
Lauderdale,  and  we  hope  if  you  like  your  flight  today  you'll  tell  your  friends.” 

Three  hours  later,  you  land  at  Fort  Lauderdale-Hollywood  International  Airport 
and  find  your  suitcase  waiting  for  you  at  baggage  claim— instead  of  the  other  way 
around— thanks  to  an  electronic  bag-tagging  system.  -S.O. 


left.. .like,  now,’”  jokes  Barger. 

Beyond  the  cockpit  and  network  projects, 
Cohen  had  no  legacy  systems,  an  open 
budget  and  one  mandate  from  Neeleman: 
Automate  everything.  “From  the  beginning, 
I’ve  basically  had  to  wake  up  every  day  and 
figure  out  how  we  stay  a  low-cost  airline, 
without  bringing  in  huge  ideas  that  will  cost 
a  huge  amount  of  money  and  aren’t  aligned 
with  our  business  model,”  says  Cohen. 

To  that  end,  Cohen  has  removed  the 
acronym  ROI — so  important  to  him  as  a 
consultant — from  his  vocabulary.  Instead, 
the  acronym  you  will  hear — and  hear  a 
lot — is  cost  per  available  seat  mile  (CASM). 
It’s  the  industry  measurement  of  the  costs 
incurred  by  an  airline  per  mile  that  could  be 
flown.  Instead  of  ROI  with  new  IT  projects, 
says  Barger,  Cohen’s  direct  boss,  “we  ask, 
Does  it  drive  efficiency?” 

That  means  Cohen  and  his  staff  of  36,  a 
quarter  of  them  developers,  test  out  lots  of 
ideas  and  support  a  lot  of  skunk  works  proj¬ 
ects.  Initiatives  get  the  go-ahead  based  on 
whether  the  technology  application  would 
help  JetBlue  maintain  its  cost  structure  and 
how  it  affects  the  company’s  CASM. 

Currently,  JetBlue  has  a  CASM  of  under 
7  cents  per  seat  mile,  about  25  percent  less 
than  the  average  of  major  carriers.  When  it 
comes  to  creating  and  keeping  that  low  cost 
structure,  “IT  is  definitely  the  enabler,”  says 
Barger.  Keeping  CASM  low  was  the  impe¬ 
tus  for  Neeleman  to  charge  Cohen  to  set  up 
and  maintain  VoIP  lines  for  600  at-home 
JetBlue  reservation  agents,  creating  the 
industry’s  only  virtual  call  center.  It’s  why  the 
cost-saving  paperless  cockpit  got  the  green 
light  before  the  CIO  came  aboard. 

Keeping  CASM  low  was  the  reason 
Cohen  chose  to  standardize  on  Microsoft 
products  (the  decision  helps  to  limit  his  staff’s 
size — and  the  number  of  technologies  they 
support).  He  also  avoids  outsourcing  and 
consultant  agreements  (except  when  pur¬ 
chasing  a  product  from  a  vendor),  preferring 
to  do  most  development  in-house.  So,  you 
have  JetBlue  hiring  outside  help  from  (the 
familiar)  Open  Skies  as  its  reservation  and 
revenue  accounting  system  vendor.  And  yet 


the  company’s  own  developers  built  a  pro¬ 
gram  called  Blue  Performance,  to  track  oper¬ 
ational  data  (updated  flight  by  flight),  and 
created  an  intranet  to  share  the  information 
with  JetBlue’s  2,800  crew  members. 

“Having  that  kind  of  real-time  informa¬ 
tion  at  your  fingers  is  really  more  critical  than 
anything,”  explains  Neeleman.  “Other,  older 
airlines  spend  billions  and  billions  of  dollars 
and  use  staffs  of  hundreds  to  try  to  pull  this 
stuff,  and  we  have  it  baked  into  the  system.” 

That  focus  on  low  costs  and  efficiency 
also  drove  the  in-house  development  of 
JEMS  (JetBlue  event  management  system)  to 
track  all  safety-related  incidents  in  the  com¬ 
pany  and  the  decision  to  use  BlackBerry 
wireless  devices  to  report  and  respond 
to  irregular  operations — anything  from 
weather  delays  to  a  passenger  injured  by  his 
own  briefcase  when  he  opened  the  overhead 
bin.  And  that’s  why  routine  tasks,  like  get¬ 
ting  expense  approvals  or  processing  pay¬ 
roll,  are  done  digitally. 


But  in  a  culture  so  geared  up  for  gadgets, 
it’s  also  Cohen’s  responsibility  to  draw  the 
line  between  cutting-edge,  cool  stuff  and 
technology  that  actually  helps  pilot  JetBlue’s 
financial  performance.  For  example,  Cohen 
quashed  wireless  check-in  at  JFK  after  the 
airline  took  over  an  entire  terminal  there 
starting  last  Thanksgiving.  It  turned  out 
agents  could  move  people  along  faster  at  its 
40  counters.  “If  it  doesn’t  make  you  effi¬ 
cient,  it’s  not  cool,”  he  says. 

Much  of  this  IT  strategy  is  transparent  to 
the  traveler.  Heavy  automation  keeps  costs 
low  so  customers  can  pay  low  fares  and  still 
enjoy  leather  seats  and  real  TV  (“the  opiate 
of  the  traveler,”  jokes  Neeleman).  The  paper¬ 
less  cockpit  allows  pilots  to  calculate  the 
weight  and  balance  of  their  own  plane  in  a 
few  keystrokes  rather  than  relying  on  dis¬ 
patchers  at  headquarters  to  crunch  the  num¬ 
bers,  which  helps  to  keep  planes  on  schedule 
(and  saves  an  estimated  4,800  hours  a  year). 

But  other  IT  innovations  are  more  visi- 


www.cio.com  •  JULY  1.  2002  CIO  77 


Startup  Strategies 


ble,  such  as  the  simple  queue  program  that 
lets  the  next  person  in  line  at  check-in  know 
which  agent  is  available,  adjustments  to  the 
Open  Skies  system  to  keep  average  check¬ 
in  times  under  a  minute,  and  electronic  bag 
tagging.  And  the  hidden  cameras  in  the 
cabin  with  monitors  in  the  cockpit,  installed 
recently  as  a  security  measure,  is  another  IT 
project  that  pleases  passengers.  “We  used  the 
DirecTV  technology  we  already  had,  and 
the  plumbing  on  that  was  $70,000  per  air¬ 
plane,”  explains  Barger.  “What  was  the  ROI 
on  that  IT  investment?  Zero.  But  we  think 
it’s  something  that  will  make  customers  say, 
These  guys  just  get  it.” 

In  the  end,  IT’s  effect  on  customer  serv¬ 
ice  may  be  almost  as  important  as  its  effect 
on  CASM.  “The  customer  experience  is  our 
biggest  success  factor,”  says  Neeleman. 
“That’s  what’s  surprised  me  the  most:  the 
amount  of  customer  loyalty  we  have  after 
being  around  just  two  short  years.”  And 
that’s  not  just  CEO  braggadocio.  JetBlue 
filled  78  percent  of  its  planes  last  year 
(industry  average  is  71  percent),  landed  the 
.number-two  spot  among  economy  airlines 


in  the  Zagat  2001  airline  survey,  and  ranks 
first  in  the  Air  Transport  Association’s  met¬ 
rics  for  on-time  performance  and  fewest 
mishandled  bags. 

“JetBlue  is  the  way  flying  should  be,  and 
probably  the  way  it  was  some  time  ago,”  says 
Albert  James,  a  New  York  City-based  appli¬ 
cation  architect  who  flies  to  Florida  at  least 
twice  a  year  on  the  carrier.  “The  agents  at 
check-in  are  efficient.  In  flight,  you  get  first- 
class  service  no  matter  where  you  sit.  Even 
baggage  claim  is  a  breeze.  I  have  yet  to  have 
a  bad  JetBlue  experience.” 

JetBlue  executives  insist  that  the  IT  projects 
that  make  customers  happy  also  benefit  em¬ 
ployees.  “IT  has  made  a  huge  impact  on  our 


number-one  cost,  which  is  labor;”  says  Barger. 
“It  allows  us  to  do  more  with  fewer  people, 
and  it  also  allows  us  to  take  better  care  of  the 
people  we  do  have.”  And  in  this  heavily 
unionized  industry  (more  than  60  percent  of 
airline  employees  belong  to  one),  it  has 
allowed  JetBlue  to  remain  union-free  so  far. 

Up  in  the  Air 

JetBlue’s  continued  commitment  to  technol¬ 
ogy  was  crystal  clear  following  the  post- 
Sept.  11  turbulence  that  rocked  the  airline 
industry.  Just  eight  weeks  after  the  terrorist 
attacks,  Cohen  resumed  IT  spending,  even 
scoring  some  savings.  “There  were  great  val¬ 
ues  to  be  had  because  vendors  were  really 
hurting.  And  we  were  capable  of  making 
some  incredibly  great  deals  because  we  had 
really  boned  up  on  cash,”  Cohen  explains. 
And  at  a  time  when  other  airlines  cut  or 
level-funded  their  technology  spending, 
JetBlue’s  IT  2001  capital  budget  of  $5.6  mil¬ 
lion  grew  to  $10  million  in  2002. 

Upcoming  projects  include:  onboard 
servers  and  wireless  networks  in  jetways  so 
that  operational  and  mechanical  data  can 


be  uploaded  and  downloaded  pre-  and  post¬ 
flight;  outfitting  mechanics  with  ruggedized 
laptops;  a  paperless  frequent  flier  program. 
Two  security-related  programs  are  also  on 
tap:  cockpit-monitoring  cameras  so  that 
ground  crews  can  monitor  activity  there  via 
an  existing  satellite  feed,  and  biometrics 
applications  in  airport  terminals. 

Barger  says  he  emphasizes  experimenta¬ 
tion  in  talks  with  Cohen.  “I  say  to  Jeff,  ‘Let’s 
find  out  what  we  can  do  next  in  terms  of 
passenger  check-in,  talking  electronically  to 
the  airplane  itself  and  talking  to  one  another. 
Let’s  keep  pushing  the  envelope.’” 

Those  are  exciting  words,  but  the  airline 
industry  is  a  tough  field  for  those  seeking  a 


cio.com _ 

How  do  you  scale  your  IT  capabilities 
as  the  business  continues  to  grow? 
ASK  THE  SOURCE,  JetBlue  CIO  Jeff 
Cohen,  your  questions.  Go  to 

www2.cio.com/ask/source. 


long,  smooth  ride.  “At  the  moment,  they’re 
successful.  But  no  airline  is  a  long-term  suc¬ 
cess  story,”  says  Michael  Boyd,  president  of 
The  Boyd  Group,  an  Evergreen,  Colo. -based 
aviation  business  consultancy. 

There  are  systemic  challenges  to  a  low- 
fare  carrier  like  JetBlue.  Will  the  systems  it 
has  installed  scale  with  a  company  that  just 
raised  another  $158  million  through  its  IPO 
and  plans  to  buy  a  new  $52  million  Airbus 
A320  every  five  weeks  through  2007?  Can  it 
stay  efficient  as  it  adds  new  destinations?  As 
airplanes  age?  If  unions  come  aboard? 
Won’t  established  carriers  (or  another 
upstart)  try  to  best  JetBlue  at  its  own  game? 

The  company’s  early  IT’  strategy  decisions 
will  continue  to  bring  benefits  for  the  next 
several  years,  says  aviation  consultant 
Klaskin.  “When  you  start  out  small,  you 
could  actually  operate  by  doing  everything 
manually  or  putting  in  some  single-use  soft¬ 
ware  systems.  Or  you  could  install  cool, 
integrated  technology  that  will  cost  you  a 
lot  more  to  start.  That’s  what  JetBlue  did. 
And  a  few  years  from  now,  that  technology 
will  really  start  to  pay  for  itself.” 

JetBlue  leaders  say  they  believe  Klaskin’s 
view  is  the  right  one,  though  Cohen 
acknowledges,  “It’s  one  thing  to  build  a 
great  organization  and  a  great  IT  infrastruc¬ 
ture,  but  it’s  much,  much  harder  to  continue 
to  make  it  a  better  organization  and  make 
it  a  better  infrastructure.” 

And  Barger  says  JetBlue’s  IT  emphasis 
won’t  flag  as  revenue  hits  $1  billion  by  next 
year  or  2004.  “Some  people  say  airlines  are 
powered  by  fuel,  but  this  airline  is  powered 
by  its  IT  infrastructure.  We’re  always  looking 
at  our  technology  and  saying,  Is  there  a  way 
we  can  improve  this?  That’s  the  magic.”  BE] 


Senior  Writer  Stephanie  Overby  can  be  reached  via 
e-mail  at  soverby@cio.com. 


At  a  time  when  other  airlines  cut 
L\  or  level-funded  IT  spending, 

/  \  JetBlue  boosted  its  budget. 


78  CIO  JULY  1,  2002  •  www.cio.com 


EMC2 

where  information  lives 


Business 

Continuity 


It’s  time  to  make  your  business  continuity  assets  work  harder  for  you.  With  EMC, 
you  can  test  and  deploy  new  applications,  shorten  or  eliminate  backup  windows, 
or  load  and  refresh  data  warehouses  more  frequently.  The  result:  your  com¬ 
pany  is  better  protected  and  more  productive  every  day  of  the  year. 

Get  started  now  at  www.EMC.com/continuity 


Someday  your  business  continuity  solution  will  be  called  on  to  save  your  company. 

(But  what’s  it  doing  this  afternoon?) 


EMC2  and  EMC  are  registered  trademarks  and  where  information  lives  is  a  trademark  of  EMC  Corporation.  ©2002  EMC  Corporation.  All  rights  reserved. 


Wireless  Security 


A  grassroots  movement  is 

rolling  onto  the  networks  of  unsuspecting 
CIOs.  It  might  already  be  too  late  to  stop  its 
spread,  but  it’s  not  too  late  to  make  it  secure. 

BY  SARAH  D.  SCALET 


Something  had  been  bothering  Peter  Johnson  ever  since  last  November, 

when  the  announcement  of  security  flaws  in  the  standards  used  for  wireless 
LANs  boomeranged  his  wireless  project  for  the  U.S.  Army  back  to  the  drawing 
board.  It  wasn’t  that  the  initiative  was  delayed  several  months  while  Johnson 
bought  encryption  technology.  It  was  those  ads  in  the  Sunday  newspaper 
fliers  for  cheap  wireless  LAN  hardware  on  sale  at  your  local  electronics  store. 

“The  average  person  buys  it  because  they  say,  'Hey,  I  can  run  my  comput¬ 
ers  off  of  one  network’”  and  one  Internet  connection,  says  Johnson,  former 
CIO  of  the  Army’s  Program  Executive  Office  of  Enterprise  Information 
Systems  in  Fort  Belvoir,  Va.  “The  technology  is  great.  It’s  inexpensive.  But 
this  technology  that’s  being  sold  for  a  couple  hundred  dollars  doesn’t 
come  with  a  big  red  sticker  that  says,  ‘Warning,  this  is  really  insecure.”’ 


Reader  ROI 

Find  out  why  wireless  LANs 
are  sprouting  up  everywhere 

See  how  to  handle  rogue 
wireless  LANs 

Learn  how  to  work  around 
the  security  flaws 


80  CIO  JULY  1,  2002  •  www.cio.com 


Torn  between  a  best-of-breed  versus 
an  integrated  software  approach? 

So  was  Steve. 


4  ft  ^ 


Q®';  "... 


When  Steve  started  researching  an  upcoming 
enterprise  software  purchase,  he  naturally  turned  to 
EnterpriseSoftwareHQ.  On  the  free  Web  site,  Steve 
found  background  materials  and  resources  that  helped 
him  clearly  understand  the  trends. 

While  online,  Steve  checked  out  our  exclusive  three- 
part  series  Total  Solutions  for  Manufacturing.  Through 
the  expert  articles  and  custom  tools,  Steve  learned 


how  new  Web-based  enterprise  solutions  compare 
with  today's  best-of-breed  applications.  Plus,  he  found 
out  how  these  new  applications  could  integrate  with  his 
legacy  applications  and  outside  business  partners. 

Think  you'd  feel  better  about  your  next  purchase  with  a 
little  more  information?  Visit  EnterpriseSoftwareHQ — 
the  headquarters  for  evaluating  enterprise  software 
and  services. 


To  read  the  Total  Solutions  for  Manufacturing  series  for  yourself,  just  log  on  to 

www.EnterpriseSoftwareHQ.com/manufacturing.asp 


www.EnterpriseSoftwareHQ.com 

An  information  service  provided  by  Thomas  Publishing  Company.  ©  2002  Thomas  Publishing  Company 


EnterpriseSoftwarel  HQ 


Wireless  Security 


Welcome  to  the  dark  side  of  a  technology  that’s  actually 
cheap  and  easy  to  use.  Whether  or  not  CIOs  like  it,  wireless 
local  area  network  (WLAN)  devices  are  being  carried  two-by- 
two  into  home  and  corporate  offices  by  employees  who  see 
ads  like  those  and  don’t  know  that  the  security  of  the  devices 
is  flawed.  By  Gartner’s  estimates,  one  in  five  companies  has  a 
wireless  LAN  that  the  CIO  doesn’t  know  about,  and  60  per- 


WLANs.  Anyone  with  the  right  hardware  can  eavesdrop  on 
network  traffic  or  freeload  Internet  access.  More  seriously,  a 
hacker  could  gain  network  access  not  just  to  the  Internet  con¬ 
nection  but  also  to  network  resources.  (Best  Buy,  for  example, 
stopped  using  its  802.1  lb  wireless  cash  registers  this  past  spring 
after  a  hacker  claimed  to  have  stolen  credit  card  information 
from  the  systems.) 


By  Gartner’s  estimates,  one  in  five  companies  has 
a  wireless  LAN  that  the  CIO  doesn’t  know  about. 


cent  of  WLANs  don’t  have  the  most  basic  security  functions 
turned  on.  Meanwhile,  airports  and  Starbucks  coffee  shops 
are  pushing  wireless  access,  and  a  growing  number  of  neigh¬ 
borhood  associations  and  even  just  neighbors  are  offering  pub¬ 
lic  Internet  access — grassroots-style — by  installing  wireless 
transmitters.  All  the  user  has  to  do  is  plug  in  a  cheap  network 
card,  log  on  and  start  surfing. 

“It’s  just  so  cool,”  gushes  Gartner’s  John  Pescatore,  describ¬ 
ing  a  recent  conference  where  Cisco  Systems  gave  every 
attendee  a  wireless  network  card — and  left  the  security  up  to 
individuals.  People  e-mailed  Pescatore  questions  during  a 
speech  rather  than  raising  their  hands.  Maybe  they  turned  off 
file-sharing  in  their  operating  systems  and  used  a  virtual  pri¬ 
vate  network  to  secure  their  laptops.  Maybe  they  didn’t.  But 
they  ate  up  the  technology  like  jelly  rolls  at  break  time. 

“It’s  not  the  IT  shops  leading  the  way,”  says  Pescatore,  who 
works  from  Gartner  headquarters  in  Stamford,  Conn.  “It’s 
the  users.”  But  (and  you  saw  this  coming,  right?),  it’s  the  IT 
shops  that  ultimately  must  lead  the  way  to  better  security. 

Look,  Ma!  No  Privacy! 

What  are  these  WLANs  that  everyone  is  talking  about? 
Governed  by  the  802.11  set  of  standards  created  by  the 
Institute  of  Electronic  and  Electrical  Engineers  (IEEE)  in  New 
York  City,  WLANs  transmit  data  not  by  wires  but  by  radio 
waves,  in  frequencies  that  don’t  require  a  license  (2.4GHz  and 
5 GHz).  Setting  up  a  WLAN  is  a  little  like  plugging  a  cordless 
phone  base  into  the  telephone  jack  in  a  home  office,  then  plac¬ 
ing  several  cordless  phones  around  your  house  to  share  that 
one  jack.  In  WLAN  parlance,  the  base  is  called  an  access  point 
(and  costs  from  $200  to  $1,000),  and  the  receiver  is  a  wire¬ 
less  network  card  (which  costs  as  little  as  $70).  The  end-result  is 
just  plain  neat.  (Look,  Ma!  No  cords!)  But  the  signal  can  also 
be  picked  up  by  a  neighbor  using  nothing  more  than  a  similar 
$100  wireless  network  card. 

For  that  reason,  security  experts  have  always  been  leery  of 


The  IEEE  tried  to  solve  those  problems  by  building  security 
into  the  802.11b  standard  (also  known  as  Wi-Fi),  with  an 
optional  encryption  capability  known  as  wired  equivalent  pri¬ 
vacy  (WEP).  The  first  problem  was  that  the  majority  of  WLAN 
users  didn’t  bother  to  even  turn  on  WEP.  Then,  last  February, 
three  researchers  from  the  University  of  California  at  Berkeley 
announced  that  even  when  used  properly,  WEP  was  insecure 
because  the  security  algorithm  had  weaknesses.  A  hacker  who 
captured  as  little  as  10  to  20  minutes  of  network  traffic  could 
decode  the  encryption  scheme.  That  done,  he  could  read  all 
the  network  traffic  he  had  captured  and,  until  the  next  time 
the  WLAN  user  changed  the  WEP  key,  he  could  also  gain  net¬ 
work  access. 

After  the  announcement,  organizations  with  high  security 
stakes — the  Army,  for  example — banned  WLANs  without 
additional  security,  and  everybody  expected  WLAN  sales  to  col¬ 
lapse,  at  least  until  the  IEEE  hammered  out  new  security  pro¬ 
tocols.  But  sales  didn’t  drop  off.  In  fact,  quite  the  opposite  has 
happened.  The  Meta  Group  predicts  that  by  the  end  of  2002, 
75  percent  of  Global  2000  companies  will  have  trial  WLANs. 

The  good  news  is  that  there’s  no  reason  for  WLAN  secu¬ 
rity  flaws  to  keep  most  businesses  from  enjoying  the  conven¬ 
ience  of  WLANs.  But  first,  CIOs  must  know  what  they’re  deal¬ 
ing  with. 

The  Hunt  for  Rogue  WLANs 

Joseph  Magee  used  to  be  a  CIO’s  most  irksome  problem:  an 
MIS  guy  who  brought  WLAN  equipment  into  the  office  just 
to  play  with.  “Little  does  [that  person]  know  that  that  signal 
sitting  right  there  on  his  desk  can  easily  be  sniffed,”  says 
Magee,  referring  to  the  process  of  monitoring  the  airwaves  for 
WLAN  traffic. 

“I  was  that  guy  once,”  admits  Magee,  a  former  chief  security 
officer  at  an  online  brokerage  who  is  now  CSO  at  Top  Layer 
Networks,  a  network  security  company  in  Westboro,  Mass. 
“I  looked  at  what  I  plugged  into  on  my  screen,  and  a  big  finan- 


82  CIO  JULY  1,  2002  •  www. cio.com 


rc-r-;  - 


The  New  Gateway  600X 

Presenting  the  ultimate  desktop  replacement.  With  its  head-turning  style, 
awe-inspiring  processor  and  incredibly  expansive  screen,  the  completely 
portable  600X  is  everything  you  ever  wanted  in  a  desktop-to  go. 
15.7"  SXGA  TFT  Active-Matrix  Display  •  Mobile  Intel®  Pentium*  4 
Processor  1.60GHz-M  •  256MB  DDR  Memory  •  30GB  Ultra  ATA  Hard 
Drive  •  Modular  DVD/CD-RW  Combo  Drive  •  Internal  V.92  56K  Modem 
and  10/100  Ethernet  •  Internal  IEEE-1394  FireWire*  •  ATI'  Mobility 
Radeon”  7500  with  64MB  DDR  Memory  •  Microsoft*  Windows'XP 
Home  Edition  •  Microsoft1-  Works  Suite  2002  •  1-Year  Limited  Warranty*' 

$1999 


‘  I 


**  ■ 


The  New  Gateway  450X 

Stylish  and  affordable,  the  new  450X  is  the  perfect  combination  of  performance, 
portability  and  price.  And  beneath  its  cutting-edge  exterior  you’ll  find  the  world's  most 
cutting-edge  mobile  processor:  the  new  Mobile  Intel  Pentium  4  Processor-M. 
15"  XGA  TFT  Active-Matrix  Display  •  Mobile  Intel*  Pentium1'  4  Processor  1.60GHz-M 
Weighs  6.01  lbs.3  and  1.30"  thin  •  256MB  DDR  Memory  •  20GB  Ultra  ATA  Hard  Drive 
Modular  8X  DVD-ROM  or  8X  CD-RW  Drive  •  Internal  V.92  56K  Modem1  and  10/100 
Ethernet  •  ATI  Mobility  Radeon  Graphics  with  32MB  DDR  Memory  •  Microsoft* 
Windows'XP  Home  Edition  •  Microsoft  Works  Suite  2002  •  1-Year  Limited  Warranty 

$1599 


Every  day  the  demands  of  business  get  more  demanding.  Which  is  why  we  designed  the  new  Gateway®  600X  and  450X  notebooks 
around  the  sophisticated  power  management  of  the  world’s  fastest  mobile  processor:  the  Mobile  Intel  Pentium  4  Processor-M.  Superior 
multimedia  and  graphic  capabilities.  Significantly  extended  battery  life.  Seamless  connectivity.  Slim-almost  aerodynamic-design. 
The  new  Gateway  600X  and  450X  notebooks.  So  slick,  they’ll  make  you  look  good  even  when  they’re  closed.  Call  us  at  1-877-239-5535. 


Limited-lime  Offer 

Upgrade  to  Microsoft*  Windows'XP  Professional  and  1-year  Accidental-Damage 
Protection  for  $100,  with  the  purchase  of  any  Gateway  600  or  450  Series  notebook. 
(Offer  ends  7/31/02.) 


Gateway®  PCs  use  genuine  Microsoft"  Windows® 
httD://www.microsoft.com/piracv/howtotell 


Gateway 

gateway.com  AOL  Keyword:  Gateway 


Prices  and  configurations  subject  to  change  without  notice  or  obligation.  Prices  exclude  shipping  and  handling  and  taxes.  Not  responsible  tor  typographical  errors.  Maximum  data  transter  rale  dependent  upon  multiple  variables.  Limited  warranties  and  service  agreements  apply,  visi  ga  eway.com 
or  call  1-800-846-2000  lor  a  free  copy  Weight  varies  with  options  Exclusions  apply  Visit  gateway  coin  or  call  1-800-846-2000  for  a  tree  copy  ot  applicable  terms  and  conditions  Not  available  in  all  stales  ©2002  Gateway.  Inc  All  rights  reserved.  Gateway  Terms  and  Con  (turns  o  ae  app  y 
Gateway  com  and  Gateway  Country  Stores.  LLC.  are  separate  legal  entities.  Gateway,  the  Gateway  Stylized  Logo  and  the  Black-and-White  Spot  Design  are  trademarks  or  registered  trademarks  ot  Gateway.  Inc  in  the  U  S.  and  other  countries  The  Intel  Inside  Logo  lute  and  en  ium  are  regis  ere 
trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation.  All  other  brands  and  product  names  are  trademarks  or  registered  trademarks  ot  their  respective  companies  o  : 


Wireless  Security 


cial  corporation’s  name  popped  up  on  my  laptop,  and  I  looked 
across  the  street  and  saw  their  building.  It  freaked  me  out.” 

The  tools  that  hackers  or  curious  interlopers  use  to  look  for 
WLAN  traffic  can  help  with  defense  as  well.  By  using  tools 
such  as  NetStumbler,  a  Windows  utility,  or  IBM’s  Wireless 
Security  Auditor,  CIOs  can  find  out  whether  there  are  any 
rogue  wireless  LANs  at  the  office. 

They  might  be  surprised,  says  Meta  Group  Senior  Research 
Analyst  Chris  Kozup  in  Burlingame,  Calif.  “I’ve  had  customers 
who’ve  done  this,  and  one  CIO  found  27  rogue  access  points. 
That’s  just  one  example,”  he  says.  And  that’s  just  access  points, 
each  of  which  typically  has  10  users. 

Not  only  can  an  audit  for  WLANs  help  locate  rogue  instal¬ 
lations,  it  can  determine  how  far  the  WLAN  signal  is  trans¬ 
mitting.  Into  the  hallways?  Out  in  the  parking  lot?  Down  the 
street?  If  the  signal  is  stronger  than  it  needs  to  be,  the  amplifi¬ 
cation  level  often  can  be  turned  down,  or  the  device  can  at 


users  leave  the  SSID  at  its  default  settings,  which  can  be  looked 
up  online,  so  administrators  should  be  sure  to  change  the  default. 


Segment  the  WLAN  from 
the  rest  of  the  network. 

If  the  data  passing  through  the  wireless  LAN  isn’t 
sensitive,  it  may  be  enough  to  separate  the  traffic 
from  the  rest  of  the  network.  That  can  be  done  with  firewalls, 
treating  the  wireless  access  point  like  any  other  router. 

Another  related  option  is  a  virtual  LAN,  which  partitions 
the  network  and  allows  certain  users  to  access  only  certain 
resources.  That’s  the  solution  at  Paul,  Hastings,  Janofsky  & 
Walker,  an  international  law  firm  based  in  Los  Angeles,  where 
in  a  few  new  conference  rooms  visiting  clients  can  use  free  wire¬ 
less  Internet  access.  When  a  visiting  user  boots  up  a  laptop  with 
a  wireless  network  card,  it  identifies  a  WLAN  connection  and  a 
message  appears:  “Welcome  to  Paul  Hastings’  virtual  network. 


The  good  news  is  that  there’s  no  reason  for 
WLAN  security  flaws  to  keep  most  businesses 
from  enjoying  the  convenience  of  WLANs. 


least  be  placed  away  from  a  window  (which  doesn’t  block  a 
wireless  signal  as  well  as  a  wall). 

Beyond  that,  CIOs  have  five  main  options  in  deciding  what 
to  do  about  these  WLANs,  depending  on  the  sensitivity  of  the 
data  and  how  the  wireless  devices  are  used. 

Make  the  best  of  what’s  there. 

Even  though  the  security  built  into  802.11b  devices 
is  flawed,  it’s  better  than  nothing.  Simply  enabling 
WEP  can  go  a  long  way  to  improving  security. 
Companies  that  are  relying  on  WEP  for  keeping  out  snoopers 
will  also  need  strict  policies  to  make  sure  the  key  gets  changed 
daily — at  the  minimum. 

A  couple  of  other  built-in  features  can  help  with  authentica¬ 
tion  too.  One  is  the  media  access  control  (MAC)  address.  This 
is  a  unique  address  written  into  the  firmware  of  a  network  card. 
An  administrator  can  configure  the  network  so  that  only  cer¬ 
tain  MAC  addresses  can  log  on.  (The  weak  link?  A  hacker  can 
watch  the  airwaves  for  a  successful  log-on,  change  his  own  MAC 
address  on  his  computer  or  laptop  and  then  gain  network 
access.)  The  second  is  the  service  set  identifier  (SSID),  an 
alphanumeric  ID  hard-coded  into  a  wireless  device.  If  the  client 
doesn’t  have  the  same  SSID  as  the  server,  access  is  denied.  Most 


Please  click  here  for  Internet  access” — a  modified  version  of  the 
message  coffee-slurpers  get  when  they  access  the  for-pay 
WLANs  Starbucks  has  installed  at  many  locations. 

Theoretically,  anyone  nearby  could  get  free  Internet  access, 
although  CIO  Mary  Odson  says  the  signal  degrades  notice¬ 
ably  near  the  windows,  and  even  inside  the  building. 


Encrypt  data  end-to-end  with  a  VPN. 

Within  the  next  two  years,  Odson  anticipates  that 
her  attorneys  will  also  use  WLANs  regularly  for 
accessing  the  network.  In  fact,  she’s  so  sure  of  this 
that  as  Paul  Hastings  designs  new  offices,  she’s  spending  less 
money  on  cabling.  For  transmitting  sensitive  legal  documents 
and  e-mail,  she’ll  use  a  combination  of  virtual  private  net¬ 
works  and  encryption,  treating  each  attorney  as  a  virtual  user 
even  if  he  is  in  the  office. 

For  that  scenario,  even  an  improvement  on  WEP  wouldn’t 
work.  WEP  encrypts  data  between  a  wireless  network  card  to 
the  access  point;  a  VPN  encrypts  data  end-to-end.  That  kind 
of  setup  is  already  common  in  corporate  America,  especially 
for  mobile  employees.  It  isn’t  a  perfect  option,  of  course.  Not 
only  are  VPNs  expensive  and  difficult  to  scale,  but  they  also 
limit  IT’s  control  over  the  data  transmitted  over  the  network, 


84  CIO  JULY  1,  2002  •  www.clo.com 


FREE  APC  Multiple  Outlet 
Rack-mountable  Strip 

to  the  first  100  entrants. 

All  entrants  will  reci 
APITs  "Solutions  for 
Business  Networks" 


Be  one  of  the  first  100  to  mail  or  fax  this 
completed  coupon  or  contact  APC  and  you 
will  receive  a  FREE  APC  Multiple  Outlet  Rack- 
mountable  Strip!  All  entrants  will  receive  APC's 
"Solutions  for  Business  Networks".  Better  yet, 
enter  today  at  the  APC  Web  site! 


Key  Code 

http://promo.apc.com  f  7 1 7y 

(888)  289-APCC  x6446»  FAX:  (401 )  788-2797 


FREE  APC  Multiple  Outlet  Rack-mountable  Strip  for  the  first  100  entrants. 


All  entrants  will  receive  APC's  "Solutions  for  Business  Networks." 

□  YES!  Enter  me  to  win  1  of  100  FREE  APC  Multiple  Outlet  Rack-Mountable 

Strips  and  send  me  APCs  Solutions  for  Business  Networks.  iseeApc  website  tor  complete  promotion  details). 

□  NO,  I'm  not  interested  at  this  time,  but  please  add  me  to  your  mailing  list. 


Name: 

Title: 

Company: 

Address: 

Address  2: 

City/Town: 

State: 

Zip: 

Country: 

Phone: 

Fax: 

E-mail: 

Yes!  Send  me  more  information  via  e-mail  and  sign  me  up  for  APC  PowerNews  e-mail  newsletter.  \  Key  Code  f71 7y 


What  type  of  availability  solution  do  you  need? 

□  UPS:  0-1 6kVA  (Single-phase)  □  UPS:  10-80kVA  (3-phase  AC)  □  UPS:  80+  kVA  (3-phase  AC)  □  DC  Power 

□  Network  Enclosures  and  Racks  □  Precision  Air  Conditioning  □  Monitoring  and  Management  □  Cables/Wires 

□  Mobile  Protection  □  Surge  Protection  □  UPS  Upgrade  □  Don't  know 

Purchase  timeframe?  □  <  1  Month  □  1-3  Months  □  3-12  Months  □  1  Yr.  Plus  □  Don't  know 
You  are  (check  1):  □  Home/Home  Office  □  Business  (<1000  employees)  □  Large  Corp.  (>1000  employees) 

□  Gov't.,  Education,  Public  Org.  □  APC  Sellers  &  Partners 


Legendary  Reliability™ 


©2002  APC.  All  trademarks  are  the-property  of  their  owners.  APC4A1  EB-US_2C 


E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA 


POSTAGE  WILL  BE  PAID  BY  ADDRESSEE 


AMERICAN  POWER  CONVERSION 


KEY  CODE:  f717y 
DEPARTMENT:  B 
132  FAIRGROUNDS  ROAD 
PO  BOX  278 

WEST  KINGSTON  Rl  02892-9920 


III..... I. II. .1.1. 1 


I. III.. .1.1.. I 


How  to 
Contact  APC 

Call:  (888)  289-APCC 

use  the  extension  on  the 
reverse  side 

Fax:(401)  788-2797 

Visit:  http://promo.apc.com 

use  the  key  code  on  the  reverse 
side 


Legendary  Reliability” 


LCD  Monitors 


High  quality  rack-mount  LCD  monitors  designed  to  maximize 
space  in  a  data  center  environment 

1  Provides  optimal  functionality  while  utilizing  only  1 U  (1 .75")  of  rack  space 
-  Includes  1 5"  LCD  monitor,  integrated  keyboard  and  integrated  pointing  device 


Cables 


APC  offers  a  comprehensive  line  of  cables  and  connectivity  solutions  to 
fulfill  the  connectivity  requirements  of  any  application  or  environment 


Look  for  these  other  great 
rack  accessories  from  APC: 


Fixed  and  Sliding  Shelves 
Cable  Management  Shelves 
Fans 

Keyboards/Keyboard  Drawers 
Stabilization  Kits 
Power  Distribution  Units 


Visit  www.apc.com 
for  more  information! 


APC:  UPSs  and  So  Much  More 


APC,  the  name  you  trust  for  power  protection,  also 
offers  a  comprehensive  line  of  non-proprietary  racks, 
rack  accessories  and  management  tools  that  provide 
you  with  the  flexibility  to  implement  a  highly  available, 
multi-vendor  environment.  APC  allows  you  to  create 
a  rack  environment  with  the  level  of  availability  you 


require,  and  provides  you  with  the  accessories  and 
management  tools  to  maintain  that  level  of  availability 
over  time.  Our  expert  Configure-to-Order  Team  can 
custom  tailor  a  complete  rack-mount  solution  to  suit 
your  specific  requirements.  Contact  APC  today  and 
protect  your  rack  application  with  Legendary  Reliability". 


Air  Distribution  Unit 


A  unique  2U  rack-mounted  fan  tray  unit  that  connects  into  raised 
floors  and  pulls  conditioned  air  directly  into  the  enclosure 

•  Dual  fans  provide  increased  airflow  needed  to  cool  densely  packed  equipment 

•  Improves  air  delivery  in  poor  static  pressure  areas 

•  Enhances  air  quality  to  rack  equipment  by  providing  30%  efficient  filtration 

•  Adjustable  depth  to  fit  most  leading  enclosures 


NetShelter®  VX  Enclosures 


Next  generation,  high-quality  enclosures 

•  Fully  ventilated  front  and  rear  doors  with  enhanced  ventilation  pattern  maximize  airflow 

•  Overhead,  base  and  side  cable  access  provide  easy,  integrated  cable  management 

•  Rear  Cabling  Channel  (42"-deep  versions  only)  allows  for  easy  installation, 
access  and  serviceability  of  both  data  cables  and  power  distribution 

•  Available  in  multiple  configurations:  35.5"-deep,  42"-deep,  beige  or  black 


NetShelter®  Open  Frame  Racks 


Economical  open  frame  solutions  for  wiring  closets  and  data  center 
networking  applications 

•  Designed  to  accommodate  networking  devices  such  as  hubs,  routers  and  switches 

•  Industry  standard  7'-high  design  provides  45U  of  equipment  mounting  space 
■  Seif-squaring  design  allows  one-person  assembly 

•  Made  of  high-strength  6061 -T6,  structural-grade  aluminum 


MasterSwitch™  Series 


Remote  power  distribution  for  network  administrators 

•  Users  can  configure  the  sequence  in  which  power  is 
provided  to  individual  receptacles  upon  start-up 

•  Built-in  Ethernet  interface  for  direct  connection  to  LAN 

•  Individually  control  8  on-board  power  outlets  for 
complete  and  flexible  management  of  attached  equipment 

KVM  Switches 


APC  MasterSwitch "  VM 
shown  mounted  inside  a 
NetShelter ®  VX 


Server  switches  designed  to  increase  system  availability  and  manageability 

•  4  and  8-port  models  available:  expandable  to  support  up  to  64  servers 

•  Models  available  that  support  Sun,  USB  and  PC  servers  simultaneously 

•  Built-in  scanning  feature  allows  you  to  automatically  monitor  your 
computers  without  intervention 

•  On  Screen  Display  (OSD)  functionality,  advanced  security  features 


ProtectNet® 


Data  line  surge  suppressors  for  comprehensive  network/PC  system  protection 

•  Protects  against  surges  and  electrostatic  discharge  traveling  through  data  lines 


-o 


FREE  APC  Multiple  Outlet  Rack-mounted 
T  strip  for  the  first  1 00  entrants! 

To  order  Visit  http://promo.apc.com  Key  Code  f717y  •  Call  888-289-APCC  x6446 


All  entrants  will  receive 
APC's  "Solutions  for 
Business  Networks" 

Fax  401-788-2797 


Legendary  Reliability 


©2002  American  Power  Conversion.  All  Trademarks  are  the  property  of  their  owners.  APC4A1  EF-USh  •  PowerFax  (800)  347-FAXX  •  E-mail  esjpport@apcc.com  • 


>  Road. ' 


Wireless  Security 


says  Meta  Group’s  Kozup.  But  he  adds  that  this  is  still  the  op¬ 
tion  most  organizations  are  choosing  for  securing  their  WLANs. 

Find  a  proprietary  solution. 

There  are  other  proprietary  wireless  solutions  for 
CIOs  who  aren’t  content  with  these  options. 
Major  WLAN  hardware  vendors,  including 
3Com,  Cisco  and  Enterasys  Networks,  are  adding  extra  secu¬ 
rity  capabilities  into  their  products.  Among  them,  Cisco’s  LEAP 
(light  extensible  authentication  protocol),  which  automatically 
changes  the  WEP  keys  in  less  time  than  it  would  take  a  hacker 
to  decode  them,  has  gotten  the  most  attention.  Other  compa¬ 
nies  known  as  wireless  LAN  gateway  vendors — Bluesocket  and 
Vernier  among  them — sell  centralized  servers  that  perform 
authentication,  encryption,  and  handle  additional  management 
and  security  details. 

The  Army  went  the  proprietary  route.  By  the  time  you  read 
this,  it  should  have  begun  rolling  out  11,000  access  points  that 
will  connect  85,000  mobile  Army  users  during  the  next  four 
years.  The  Army’s  project  is  unique,  not  only  because  it  car- 


PEER  RESOURCES 


WIRELESS?  LANS? 

E-mail  a  copy  of  WHAT  IS 
A  WIRELESS  LAN?  from 
CIO's  online  sister  pub¬ 
lication  Darwinmag.com 
to  help  your  colleagues 
understand  wireless— 
and  its  threats.  Find  it  at 
www.cio.com/printlinks. 


and  advanced  encryption  sys¬ 
tem  (AES),  which  committee 
member  Greg  Chesson  calls 
a  super-scrambler.  For  WEP 
to  be  secure,  users  need  to 
change  the  key  every  200 
packets  of  data  or  so,  says 
Chesson,  director  of  pro¬ 
tocols  at  Atheros  Commun¬ 
ications,  a  Sunnyvale,  Calif.- 
based  company  that  makes 
chipsets  for  wireless  LAN  devices.  In  comparison,  TKLP  would 
require  key  changes  every  30,000  packets,  and  with  AES,  users 
would  need  to  change  the  key  only  every  few  billion  packets. 

The  standards  draft  could  be  ratified  by  the  end  of  2002, 
with  products  starting  to  appear  several  months  later,  but 
Chesson  is  cautious  of  setting  a  date.  “It’s  pretty  rambunc¬ 
tious.  It’s  a  lot  like  the  U.S.  Congress,”  he  says  of  the  IEEE 
meetings,  describing  heated  discussions,  a  bog  of  details  and 
votes  based  on  party  (vendor)  lines.  Meanwhile,  for  develop- 


There’s  no  guarantee  that  the  new  security  standards 
won’t  eventually  be  proven  as  flawed  as  the  first. 


ries  sensitive  information  about  battlefield  logistics  but  also 
because  the  access  points  aren’t  permanently  installed  in  an 
office.  Instead,  the  access  points  are  radios  that  travel  along 
with  troops.  Each  access  point  talks  to  a  workgroup  bridge  that 
has  computers  cabled  to  it.  The  information  on  the  WLAN  is 
also  encrypted  using  AirFortress  devices  from  Fortress 
Technologies  in  Tampa,  Fla. 

Johnson  won’t  give  specifics,  but  he  admits  that  the  solu¬ 
tion  was  expensive,  which  was  especially  painful  because  the 
WLAN  project  was  already  underway  before  he  knew  he’d 
need  to  purchase  extra  encryption.  “Obviously  we  would  have 
liked  to  use  the  native  encryption  within  the  radio”  as  planned, 
he  says.  “But  since  that  is  not  doable  we  have  had  to  incur  the 
cost  to  put  the  device  into  the  system.” 

Wait  and  see. 

The  trouble  with  proprietary  solutions  is  that 
they  are  proprietary,  and  CIOs  may  find  them¬ 
selves  locked  into  one  vendor.  Optimists  hope 
that  real  security  can  be  built  back  into  WLAN  devices  some 
day.  The  IEEE  is  working  on  it.  Standards  currently  in  draft 
form  would  add  two  more  levels  of  optional  encryption:  tem¬ 
poral  key  integrity  protocol  (or  TKIP),  a  new  version  of  WEP; 


ment  purposes,  Atheros  has  already  let  WLAN  hardware  ven¬ 
dors  get  their  hands  on  updated  chipsets  that  incorporate  parts 
of  the  new  AES  security  protocols.  Analysts  recommend  that 
before  making  a  purchase  decision,  CIOs  should  make  sure 
that  a  vendor  will  be  able  to  migrate  to  the  standards  once 
they  are  ratified,  as  Atheros  promises. 

Even  then,  though,  there’s  no  guarantee  that  the  new  security 
standards  won’t  eventually  be  proven  as  flawed  as  the  first. 
That’s  why  plenty  of  testing  and  planning  is  in  order.  In 
Atlanta,  the  United  Parcel  Service  is  rolling  out  a  WLAN  proj¬ 
ect  that  processes  nothing  more  sensitive  than  tracking  infor¬ 
mation,  and  using  that  project  as  a  test  bed  for  how  laptop 
users  might  also  use  WLANs. 

“If  you  read  some  articles,  it  sounds  like  everything  is  solid 
and  all  there,”  says  John  Nallin,  vice  president  of  information 
services  at  UPS.  “However,  they’re  not  always  that  solid.  If 
that  was  the  case,  we  wouldn’t  be  testing  it  in  our  facilities, 
we’d  just  be  plugging  it  in.  When  it’s  performing  at  the  level 
we  think  it  should  be,  we’re  going  to  utilize  it  because  we  do  see 
the  advantages.”  HP! 

How  are  you  securing  your  WLAN?  E-mail  Sarah  D.  Scalet,  security  editor 
and  senior  writer,  at  sscalet@cio.com. 


86  CIO  JULY  1,  2002  •  www.cio.com 


* 


Meet  Chen.  Globe-trotting  Dealmaker. 

Virtual  Team  Virtuoso. 


And  the  impetus  behind  the 

interactive  multimedia  movement. 


L  i 


They're  ev#fywhere.  Clicking  PDAs  to  access  vital 


information.  Dialing  cell  phones  to  download  e-mail. 


Logging  on  to  laptops  to  communicate  anywhere  on  the 
planet.  It’s  the  Chens  of  the  world  who  are  turning 
business  on  the  move  into  business  as  usual.  And  it’s 
Nortel  Networks™  that  develops  the  technology  to  meet 


the  challenges  of  mobility  and  helps  businesses  generate 


revenue.  For  instance,  integrated  multimedia 
technology  from  Nortel  Networks  enables  companies 
such  as  Chen's  to  communicate  via  video  calls,  voice 
mail,  e-mail,  and  faxes  over  any  device  and  any  network. 


Whether  Chen  is  in  the 


Gartner  names  Nortel 
Networks  Leader  in 
Converged  Voice/Data* 


office  or  on  the  road, 
he’s  always  in  touch. 
So,  he  doesn't  have  to 


find  information  to  stay  productive  and  competitive  -  it 
finds  him.  And  with  Nortel  Networks  Optical  Ethernet- 
based  network  hosting  solutions,  service  providers  can 
manage  the  delivery  of  these  services  so  Chen  can  focus 
on  his  core  business.  Just  one  more  way  Nortel  Networks 
is  making  the  Internet  what  you  need  it  to  be. 
nortelnetworks.com/multimedia 


Metro  &  Enterprise  Networks  Optical  Long  Haul  Networks  Wireless  Networks 


N0RTEL 


NETWORKS 


Nortel  Networks,  the  Nortel  Networks  logo  and  the  Globemark  are  trademarks  of  Nortel  Networks.  ©2002  Nortel  Networks.  All  rights  reserved.  'Based  on  Gartner's  second 
“Magic  Quadrant'’  analysis  of  converged  voice/data  for  enterprises  in  North  America.  The  Magic  Quadrant  is  copyrighted  February  25,  2002,  by  Gartner,  Inc.  and  is  reused 
with  permission.  Gartner’s  permission  to  print  its  Magic  Quadrant  should  not  be  deemed  to  be  an  endorsement  of  any  company  or  product  depicted  in  the  quadrant. 


nortelnetworks.com 


Global  Business  |  Singapore 


The  promise  of  entering  the  vast  Asian  marketplace 

has  lured  global  companies  to  Singapore  by  the  thousands. 
But  no  matter  how  Westernized  and  business-friendly 

the  city-state  may  seem,  it’s  important  to  remember 
that  it’s  not  home  and  the  rules  are  different. 


88  CIO  JULY  1,  2002  •  www.cio.com 


PHOTOS  BY  GETTYONE 


- 


Singapore:  The  financial  district  (center). 
Leveraging  the  West  to  open  the  East. 


* 


BY  TOM  FIELD 


Reader  ROI 

►  Find  out  what  opportunities 
Singapore  offers  Western 
businesses 

►  Learn  the  pros  and  cons  of 
setting  up  shop  there 

►  See  how  Singapore  stacks  up 
against  other  Asian  business 
centers 


“The  Gateway  to  Asia”  is  how  the  marketing  brochures  promote  Singapore.  But  Brian 
Chen,  CTO  of  the  Infocomm  Development  Authority  (IDA),  the  government’s  own 
IT  shop,  offers  a  more  practical  description:  “Singapore  is  Asia  101,"  he  says. 

Or  Asia  Lite.  Or  Asia  for  Beginners.  As  opposed  to  countries  such  as  China 
and  India,  where  large  labor  forces  are  at  least  partially  compromised  by  creaky 
IT  infrastructures  or  cranky  governments,  Singapore  is  the  plug-and-play 
marketplace— a  super-wired  country  where,  as  the  Singaporeans  would  have 
Westerners  believe,  the  e-business  is  brisk  and  the  living  is  easy. 


www.cio.com  ’  JULY  1,  2002  CIO  89 


Global  Business 


Singapore 


“This  is  the  place  you  go  to  get  your  feet  wet  in 
Asia,”  says  Chen,  who  was  born  in  Fujian  Province 
in  China,  was  educated  as  an  engineer  in  the  United 
States,  and  worked  for  Motorola  in  China  just  prior 
to  joining  the  IDA  in  early  2000.  And  as  Chen  sits  in 
IDA’s  spacious,  elegant  lounge  in  the  Suntec  City 
Tower  Three  in  Singapore’s  Marina  district  (where 
pop  rocker  Christopher  Cross  had  performed  two 
days  before),  Singapore  certainly  seems  to  offer 
Westerners  a  home  away  from  home.  “It’s  an  easy 
adjustment,”  Chen  concludes. 

Singapore  has  attracted  Western  interests  since 
1819,  when  Sir  Thomas  Stamford  Raffles  of  the  British 
East  India  Co.  stumbled  upon  the  tiny  island  (246 
square  miles)  and  quickly  established  it  as  a  trading 
post  for  the  British  Empire.  With  its  central  location 
(a  short  swim  south  from  Malaysia)  and  its  deep  har¬ 


bor,  Singapore  by  1869  had  become  a  thriving  port 
for  Western  coal  merchants,  ship  builders  and  traders. 

Fast-forward  to  the  1990s.  Not  only  had  the  port 
become  the  biggest,  busiest,  most  IT-savvy  in  the 
world  (see  “The  Port  of  Singapore”  on  Page  96),  but 
the  city-state  was  now  home  to  thousands  of  multi¬ 
national  companies,  including  Citibank,  Microsoft 
and  Sun  Microsystems — the  East  India  Companies 
of  the  late  20th  century,  looking  to  take  advantage 
of  the  following: 

■  A  stable,  business-friendly  government  offering  huge 
tax  incentives  (10  years  100  percent  tax  free  if  a  busi¬ 
ness  establishes  a  regional  headquarters)  and  local 
partnerships. 

■  A  largely  English-speaking,  Westernized  environ¬ 
ment  complete  with  shopping  malls  and  U.S.  restau¬ 
rant  chains. 


Singapore 


Singapore  poses  some  stiff  challenges  to  global 
companies  and  their  employees.  Here  are  the  issues  to 
consider  before  setting  up  shop. 

The  government  giveth...and  taketh  away.  The  voting  privilege 
in  Singapore  is  universal— and  compulsory.  A  citizen  who  fails  to 
vote  is  stripped  of  the  right  to  vote  for  five  years. 

In  other  words,  Singapore  gives  people  and  businesses  freedom 
to  do  what  they’re  told.  The  financial  services  and  high-tech 
industries  are  lightly  regulated,  and  the  telecommunications 
industry  was  completely  privatized  in  2000.  But  this  is  still  a 
restrictive  marketplace  for  media  and  entertainment  companies. 
Journalists  must  be  licensed  in  Singapore,  Playboy  and 
Cosmopolitan  are  banned,  movies  are  censored,  and  the  govern¬ 
ment  maintains  a  list  of  banned  websites  that  Internet  service 
providers  are  required  to  block  from  Singaporean  subscribers. 

Labor  is  scarce.  There  are  currently  116,000  IT  jobs  in 
Singapore,  with  only  106,000  qualified  professionals  to  fill  them, 
creating  an  enduring  shortage  of  about  10,000  people.  It’s  a 
seller’s  market,  and  IT  workers  are  commanding  top  dollar— 
$24,000  per  year  on  average,  which  is  almost  five  times  what 
programmers  in  India  earn.  Companies  increasingly  are  establish¬ 
ing  management  headquarters  in  Singapore  and  outsourcing  the 
labor  to  China  or  India. 

The  living  is  easy...and  expensive.  Singapore  has  no  natural 
resources,  and  its  man-made  ones  are  scarce  too.  Housing  is 


Chinatown  in  Singapore  (left):  Ethnic  Chinese  make  up  78  percent 
of  the  population.  The  commute:  Drivers  must  win  a  lottery  for  the 
privilege  of  paying  up  to  $10,000  for  a  driver’s  license. 

particularly  expensive.  Residential  space  is  so  scarce,  in  fact,  that 
about  86  percent  of  the  population  lives  in  government-built  and 
financed  high-rise  apartments  that  cost  anywhere  from  $1,500  to 
$3,000  per  month.  Because  of  the  high  cost  of  living,  many 
multinational  companies  pay  a  housing  allowance  to  their 
Singapore  employees. 

Office  space  is  similarly  scarce  and  expensive,  but  the  govern¬ 
ment  provides  financial  incentives  and  assistance  to  global 
businesses  opening  offices  there. 

As  for  transportation,  it’s  relatively  cheap  if  you  don’t  mind 
taking  a  taxi  or  the  subway.  But  the  number  of  cars  and  drivers  is 
strictly  regulated.  In  fact,  prospective  drivers  must  win  a  lottery 
just  for  the  privilege  of  paying  up  to  $10,000  to  obtain  a  driver’s 
license.  Foreigners  with  valid  driver’s  licenses  have  an  easier  time 
of  it;  they  can  apply  for  a  Singapore  driver’s  license  after  one  year 
of  residency. 

Of  course,  because  of  high  tariffs  aimed  at  discouraging  private 
ownership,  a  midrange  car  can  cost  as  much  as  $100,000.  -T.F. 


90  CIO  JULY  1,  2002  •  www.cio.com 


PHOTOS  BY  GETTYONE 


IBM,  TotalStorage,  the  e-business  logo  and  e-busmess  isWie  game.  Play  to  wmme  either  ^jistered  trademarks  or  trademarks  of  International 
Business  Machines  Corporation  in  the  United  States  and  all  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or 
service  marks  of  others.  ©  2002  IBM  Corp.  All  rights  reserved. 


& 

■ 

■ 

|  | 

I 

W _ 

r- " 

I  i 

1 

r— ] 

1  n'  iin.  "Jinni'i'iTir 

WM 

Storage  in  every  size  and  width. 

The  difference  between  winning  and  losing  is  a  little  thing  called 
“storage.”  And  the  winning  play  is  integrated  storage  solutions.  Why? 
Hardware  and  software  that  work  together  speed  implementation, 
let  you  maximize  your  current  infrastructure  investments,  and  help 
reduce  risk.  IBM  TotalStorage”  solutions  are  complete,  cross-platform 
storage  offerings  that  cover  storage  networking,  disk,  tape,  software 
and  services.  Bent  on  winning?  Find  out  where  you  can  test-drive 
any  IBM  storage  solution  at  ibm.com/totalstorage/solutions 


(^business  is  ihe.  Phy  io  n/in. 


Global  Business  |  Singapore 


A  Clean, 


WESTERNERS  MAY  LAUGH  about  Singapore’s  draconian  laws  against 
chewing  gum  and  petty  crime  (remember  Michael  Fay,  the  American  teenager 
who  was  caned  for  vandalizing  a  car  in  1994?),  but  perhaps  not  coincidentally 
Singapore’s  streets  are  clean  and  crime-free— and  kept  that  way  by  a  stern 
criminal  justice  system  that  fines  jaywalkers,  canes  petty 
thieves  and  executes  drug  dealers.  Also,  because  the  tiny 
island  carefully  regulates  automobile  traffic  (cars  and 
driver’s  licenses  are  prohibitively  expensive),  there  is  no 
street  congestion  or  air-and-noise  pollution,  unlike  in 
India  or  China.  -T.F. 


The  Old  Courthouse.  Singapore’s  streets 
are  notably  congestion-free. 


■  A  sophisticated  telecommu¬ 
nications  infrastructure,  includ¬ 
ing  a  state-of-the-art  broadband 
network  reaching  99  percent  of 
the  population. 

■  A  heterogeneous  commu¬ 
nity  of  4  million  that’s  78  percent  Chinese,  13  percent 
Malay  and  7  percent  Indian,  making  Singapore  an 
ideal  test  market  for  a  good  slice  of  Asia. 

“For  a  U.S.  company  coming  into  this  marketplace, 
Singapore  is  very  cosmopolitan,  a  melting  pot  of  cul¬ 
tures,”  says  Vincent  Sim,  senior  marketing  manager 
for  Microsoft’s  MSN  business  unit,  which  opened  its 
Internet  portal  to  Singapore  in  2000.  In  two  years, 
MSN  was  able  to  attract  800,000  local  e-mail  sub¬ 
scribers,  and  in  2001  it  used  Singapore  as  a  laboratory 
to  launch  a  successful  series  of  live  concert  webcasts. 
“We  find  we  can  test  new  services  in  Singapore  and 
then  cross-share  the  learnings  across  Asia,”  Sim  says. 

Of  course,  along  with  Singapore’s  business  oppor¬ 
tunities  come  a  unique  set  of  chal¬ 
lenges,  including  the  following: 

■  Skilled  labor  and  available 
housing  are  both  scarce  and 
expensive. 

■  The  government  is  heavily 
involved  in  everything  from  recruit¬ 
ment  to  regulation — that  is,  it’s 
your  business  partner,  like  it  or  not. 

■  The  business-friendly  govern¬ 
ment  is  not  so  friendly  in  other 
ways;  it  restricts  expression,  enter¬ 
tainment  and  political  dissent  to  a 
degree  that  feels  oppressive  to  most 
Westerners. 

But  despite  those  problems  (see 


Wired 


61%  of  homes  have  a 
personal  computer. 

75%  of  the  country  is 
served  by  cell  phones. 

99%  of  households  are 
reached  by  Singapore  One 
broadband  network. 


“Singapore  Speed  Bumps,”  Page  90),  Singapore  today 
is  host  to  about  6,000  multinational  companies,  all 
seeking  the  seemingly  unlimited  opportunities  pre¬ 
sented  by  the  legendarily  promising  Asian  market. 
What  experienced  global  players  have  learned  is  that 
the  key  to  getting  good  grades  in  Asia  101  is  to  know 
the  rules  of  engagement  with  Singapore’s  government 
and  culture,  to  develop  local  part¬ 
nerships,  and  to  work  around  the 
island’s  challenges. 

Who  You  Know  Tells 
How  Far  You’ll  Go 

Business  partnerships  are  valuable 
anywhere,  but  in  Asia,  where  long¬ 
term  relationships  are  revered,  who 
you  know  very  much  affects  how 
far  you’ll  go.  Singapore’s  IDA  has 
developed  a  partnership  model 
designed  to  help  multinational  com¬ 
panies  gain  a  toehold  in  Asia  and  give  homegrown 
companies  an  entry  into  the  global  marketplace. 

The  Infocomm  Local  Industry  Upgrading  Pro¬ 
gramme  (iLIUP,  pronounced  like  eye  loop)  is  the 
cumbersome  name  of  this  program,  an  initiative  that 
tries  to  pair  local  entrepreneurs  in  joint  ventures  with 
multinational  companies.  The  objective:  to  blend 
the  technology,  know-how,  and  sales  and  global 
marketing  power  of  the  multinational  companies 
with  the  man  power,  entrepreneurial  energy  and 
local  market  knowledge  of  the  homegrown  enter¬ 
prises.  Since  iLIUP  started  in  1995,  roughly  160 
Singaporean  companies  have  been  assisted  by  20 
multinational  mentors  (17  of  them  from  the  United 
States)  including  Apple,  Compaq, 
IBM  and  Oracle. 

Among  the  current  participants 
in  iLIUP  are  Sun  Microsystems  and 
iGine,  an  up-and-coming  Singapore- 
based  vendor  of  e-commerce  soft¬ 
ware.  For  more  than  a  year,  Sun  and 
iGine  have  been  united  in  a  partner¬ 
ship  that  serves  both  companies’ 
business  needs.  The  first  fruit  of  the 
relationship  is  WeB2Biz,  a  new  e- 
business  engine  developed  by  iGine 
for  Sun’s  partners  and  customers. 
According  to  Philips  Lai,  strategic 
business  development  director  for 
Sun’s  global  sales  organization, 


9  2 


CIO  JULY  1,  2002 


www.  cio.com 


PHOTO  BY  KEVIN  BURKE/CORBIS 


A  CRITICAL  NETWORK  CONNECTION  IS  DOWN 
S'  BUSINESS  GRINDS  TO  A  HALT... 

I  DON'T  KNOW  WHERE  TO  LOOK?  * 

NOfi/YOUnO!  ,  x. 


Introducing  the  PanView ™  Real-Time  Physical  Layer  Management 
Solution  from  PANDUIT®,  helping  businesses  minimize  network 
down  time  by  monitoring  the  physical  layer  in  real  time.  Based  on  the 
field-proven  PatchView™  Technology  from  RiT  Inc.,  the  PanView  System 
continuously  scans  patch  cord  connections  in  the  telecommunication 
room.  The  location  of  all  connections  is  stored  in  a  centralized  database, 
providing  network  administrators  with  the  accurate  information  needed  to 
quickly  and  efficiently  reroute  users  during  a  network  failure,  or  to 
reconnect  users  as  part  of  a  disaster  recovery  effort. 

Network  administrators  are  instantly  notified  of  any  patch  cord  change 
by  means  of  alert  messages.  This  insures  that  IT  personnel  can  respond 
before  the  inevitable  trouble  call  comes  in. 

The  system  also  supports  planned  maintenance  of  patch  cords. 

Through  the  use  of  innovative  LEDs  located  above  each  patch  panel 
port,  technicians  are  guided  through  all  patch  cord  changes  in  an 
easy  step-by-step  process. 

Contact  your  local  PANDUIT  Representative  to  learn  more  about  the 
benefits  of  the  PanView  System  and  how  quickly  the  system  can  be 
working  for  you.  Better  yet,  schedule  a  demonstration  of  the  PANViEWm 
System  —  the  future  of  physical  layer  management. 

Be  Future  Ready  with  PANDUIT 


PANDUIT  is  the  Leading  Global  Provider  of 
Network  Connectivity  Solutions 

Innovative  Technology  for  Your  Copper 
and  Fiber  Infrastructure 

B  Connectors 

■  Zone  Cabling  Systems 
u  Outlets 

u  Network  Rack  Systems 

m  Physical  Layer  Management  Systems 

m  Raceway  Systems 
m  Fiber  Routing  Systems 
a  Network  Grounding  Systems 
m  Network  Cable  Ties  and  Accessories 

■  Network  Identification  Systems 

To  receive  a  copy  of  our  PanView  System  Brochure, 
please  call  800-777-3300  or  e-mail  us 
at  ncginfo@panduit.com. 

For  technical  assistance,  call  866-405-6654. 


Cisco  Systems 


Service  Provider 
Solution  Partner 


NETWORK  CONNECTIVITY  GROUP 


Tinley  Park,  IL  60477-3091 


www.panduit.com/ncg/panview 


WeB2Biz  has  helped  cut  Sun’s  order-processing  time 
from  12  minutes  to  15  seconds.  And  by  leveraging 
Singapore’s  state-of-the-art  telecom  infrastructure,  Sun 
has  been  able  to  test  new  Java  and  wireless  products 
that  can’t  yet  be  deployed  in  most  of  the  world.  “[This 
partnership]  gives  us  access  to  new  markets,  new  tech¬ 
nologies  and  new  offerings,”  Lai  says. 

But  there’s  a  bigger  picture  here.  Clearly,  for  a  com¬ 
pany  like  iGine,  a  partnership  with  a  brand  name  like 
Sun  is  a  once-in-a-business-lifetime  opportunity  to 
take  its  show  out  of  Singapore  and  mount  it  on  the 
world  stage.  For  Sun,  iGine  presents  a  red-carpeted 
chance  to  establish  an  intimate  relationship  with  a 
homegrown  Asian  company  that  in  turn  can  give  Sun 
the  credibility,  experience  and  references  it  needs  to 
penetrate  the  entire  Asia-Pacific  marketplace. 

“Doing  business  in  Asia  is  not  easy,”  says  Chang 
Huong  Tan,  CEO  of  iGine.  “The  opportunity  is  here, 
but  if  you  don’t  get  into  the  right  relationships,  [mar¬ 
ket  penetration]  can’t  work  at  all.  And  these  rela¬ 
tionships  can  take  years  to  develop.” 

Sun’s  Lai  agrees  that  the  iLIUP  partnership  pays 
dividends  throughout  Asia.  “Other  countries  look  at 


what  happens  in  Singapore,”  he  says.  “A  strong  ref¬ 
erence  from  here  does  help.  It’s  a  door  opener.” 

Please  Come  to  Singapore 

Suresh  Prabhu,  chairman  of  Apex  Systems,  an  insur¬ 
ance  industry  software  vendor  with  offices  in  India 
and  Singapore,  strongly  encourages  global  leaders  eye¬ 
ing  his  marketplace.  “Don’t  look  at  coming  to  Asia 
as  a  pain  in  the  butt,”  he  says.  “Look  at  it  as  a  way 
to  expand  your  business.” 

Yes,  the  governments,  cultures  and  customs  impose 
barriers,  he  says,  but  not  insurmountable  ones,  not 
when  weighed  against  the  benefits  of  entering  the 
Asian  marketplace  and  leveraging  local  resources. 

“Look  at  what’s  possible  in  Asia  that  will  help  your 
bottom  lines,”  Prabhu  says.  “Look  at  the  skills  avail¬ 
able  in  places  like  Singapore  and  China.” 

All  success  requires,  says  Prabhu,  is  “a  mind-set 
change.” 


Former  Executive  Editor  for  Community  Development  Tom 
Field  is  an  old  Asia  hand  who  contributed  to  CIO’s  Dec.  1, 
2000,  Field  Report  on  India. 


\ 


How  Singapore  is  leveraging  a  broadband  network 
that  connects  99  percent  of  its  homes 


E-services:  Through  its  government-developed 
eCitizen  Web  portal,  Singapore  is  migrating  all  its  public 
services  online.  The  goal  is  for  citizens  to  have  one-stop 
access  to  everything  from  birth  registrations  to  retire¬ 
ment  fund  information.  Singapore  hopes  to  have  99  percent  of 
those  services  consolidated  online  by  2004.  Today,  more  than 
500  e-services  are  available  via  the  Internet  and  at  eCitizen 
kiosks  in  community  centers  throughout  the  island. 

E-business:  Singapore  is  attempting  to  find  an  electronic 
means  of  cutting  through  red  tape  for  businesses  that  want  to 
set  up  shop,  obtain  permits  or  merely  pay  their  taxes.  The  first 
hurdle,  cleared  in  2001,  was  creating  a  one-stop  portal  for  new 
businesses  to  register  in  Singapore.  Before,  they  had  to  spend 
weeks  visiting  offices  and  obtaining  permits.  Now  they  can 
register  online  and  receive  everything  they  need  within  three  to 
five  days.  The  fees  for  registering  a  new  business  have  been  cut 
from  up  to  $1,700  to  $150. 

Through  the  Singapore  One  broadband  network,  subscribers 


There  are  more  than 
500  public  services 
available  via  the  Internet 
at  eCitizen  kiosks. 


can  sign  up  for  a  movie-on- 
demand  service  that  gives 
them  access  to  a  large  video  library.  For  roughly  $2.50,  viewers 
rent  these  films  for  24  hours,  and  they  can  fast-forward,  rewind  or 
replay  them  several  times  over— anything  but  legally  record  them. 

Clearly,  Singapore  had  some  advantages  before  deploying  e- 
services.  This  is  a  small  island  (246  square  miles),  after  all,  and 
the  telecommunications  infrastructure  was  already  modern  and 
sturdy.  Few  other  countries,  much  less  the  United  States,  could 
hope  to  duplicate  those  initiatives  today. 

But  a  U.S.  city,  county  or  even  state  could.  The  keys  to 
success  are  to  have  a  strategy  for  scaling  up  before  you  launch 
and  then  to  find  a  balance  between  supply  and  demand. 

“You  don’t  want  to  create  1,000  users  and  then  have  nothing 
for  them  to  use,”  says  Daneel  Pang,  the  Infocomm  Develop¬ 
ment  Authority  deputy  director  of  content  development.  -T.F. 


94  CIO  JULY  1,  2002  •  www.cio.com 


PHOTO  BY  TOM  FIELD 


Vietnam  Philippines  Japan  India  Hong  Kong  China  Australia  Singapore 


Global  Business 


Singapore 


Asia  Scorecard 


How  does  Singapore  stack  up  against  its  neighbors? 


Population 

Labor  Force 

Per  Capita 
Income 

Average 
Salary  for  IT 
Programmer 

Office  Rent  Per 
Square  Foot 

Value  of 

IT  Market 

Estimated  # 
of  PCs 

Internet 

Penetration 

4M 

2.2  M 

$24,740 

$24,000 

$45 

$3.4  B 

1.9  M 

44% 

NOTE:  Easy  to  relocate  and  set  up  shop  here  but  hard  to  find  skilled  labor.  Even  native  Singaporean  companies  are  increasingly  outsourcing  IT  work  to  India. 

19.3  M 

9.2  M 

$20,530 

$32,000 

$39 

$12.8  B 

8.9  M 

46% 

NOTE:  Since  2000,  the  government  has  spent  or  budgeted  $5.3  billion  on  IT  industry  innovation  and  education. 

1.3  B 

705  M 

$840 

$4,750 

$36 

$19.9  B 

2.6  M 

2% 

NOTE:  Language  barriers,  human  rights  issues  and  government  restrictions  inhibit  global  industrial  growth. 

6.8  M 

3.4  M 

$25,950 

$45,200 

$81 

$2.9  B 

2.4  M 

35% 

NOTE:  Like  Singapore,  Hong  Kong  promotes  itself  as  an  Asian  IT  center  and  gateway  to  China.  But  also  like  Singapore,  it  suffers  from  an  IT  staffing  crisis. 

IB 

450  M 

$460 

$5,850 

$28 

$4.6  B 

4.6  M 

1% 

NOTE:  Top-notch  IT  labor  force  is  ideal  for  outsourced  services:  government  regulations  and  poor  national  infrastructure  inhibit  physical  growth. 

127.1  M 

67.6  M 

$34,210 

$44,000 

$155 

NA 

40  M 

37% 

NOTE:  Japan  felt  a  double-whammy  from  U.S.  and  Asian  economic  crises.  Internal  report  criticizes  country  for 
lagging  behind  major  industrial  nations  in  government  and  business  use  of  IT  and  the  Internet. 

76.5  M 

32.6  M 

$1,040 

$6,550 

$20 

$1B 

1.5  M 

6% 

NOTE:  Good  news  is  that  the  IT  outsourcing  industry  is  attracting  more  business.  Bad  news  is  that  terrorism  may  be  scaring  away  prospective  customers. 

77.8  M 

33  M 

$390 

$7,200 

$21 

$1.4  B 

700,000 

.12% 

NOTE:  Vietnam  continues  to  privatize,  but  interest  from  foreign  investors  may  be  waning. 

Direct  foreign  investment  has  slipped  from  $8.3  billion  in  1996  to  $1  billion  through  the  first  half  of  2001. 

THE  TELECOM  AND  I.T.  INDUSTRY  IN  ASIA.  JANUARY  2002.  PRODUCED  BY  TELECOM  ASIA  AND  WIRELESS  ASIA  IN 
DED  IN  U.S.  DOLLARS.  B  =  blllion  M  =  miilion 


www.cfO.com 


•  JULY  1,  2002  CIO  9  5 


Global  Business 


Singapore 


ePort 


Robert  Yap  is  in  charge  of  IT 
at  the  port  of  Singapore 
(above),  the  world’s  busiest: 
“The  challenge  isn’t  building 
the  application;  it’s  who 
has  the  innovative  idea.” 


How  does  the  world’s  busiest,  most 
IT-intensive  port  retain  its  first-mover 
advantage?  By  being  a  second-mover  too. 

BY  TOM  FIELD 

Robert  Yap,  executive  vice  president  of  IT  for  PSA 

Corp.,  the  company  that  developed  and  operates  the 
port  of  Singapore,  holds  the  top  IT  job  at  the  busiest 
and  largest  container  port  in  the  world — a  great  job, 
but  not  without  its  worries. 

Yap’s  port  handles  250  shipping  lines  with  connec¬ 
tions  to  600  ports  in  123  countries,  and  daily  sailings 
to  every  major  port  on  the  globe.  Its  calling  card  is  effi¬ 
ciency;  its  backbone  is  IT.  Because  of  the  Computer 
Integrated  Terminal  Operations  System  (CITOS,  a 
proprietary  ERP  application)  and  Portnet,  an  e-busi- 
ness  system  that  provides  paperless  one-stop  shipping 
for  the  port  and  its  customers,  PSA  believes  that  tech¬ 
nology  is  the  basis  of  the  port’s  competitive  advantage. 
And  it  has  been  since  1984,  when  the  first  version  of 
Portnet  was  introduced.  Today,  Singapore’s  port 
enjoys  first-mover  status  as  the  world’s  IT  leader  in 
seaport  logistics  and  operations. 

But  What  About  Tomorrow? 

“I’m  a  firm  believer  in  the  second-mover  advantage,” 
says  Yap,  an  Australian-educated  business  historian 
born  in  Malaysia  who  headed  IT  at  Philips  Electronics 
Asia-Pacific  before  joining  PSA  in  2000.  “The  first- 
mover  is  the  one  who  creates  the  breakthrough,”  Yap 
says,  quoting  theory  from  his  favorite  professor,  F. 
Warren  McFarlan  of  the  Harvard  Business  School. 
“But  it’s  the  second-mover  who  builds  the  business,” 
he  says.  “We’d  like  to  be  both.” 

Has  that  ever  been  done?  It  can  be  argued  that  the 
Walt  Disney  Co.  was  a  first-mover  in  animated  films 
and  theme  parks,  slipped  and  then  rebounded  to  regain 
substantial  margins  in  both  mar¬ 
kets.  And  Yap  believes  that  Charles 
Schwab,  which  branded  the  online 
brokerage  business  and  then 
awoke  a  sleeping  giant  in  Merrill 
Lynch,  ultimately  will  come  back 
to  own  the  marketspace.  “But 

96  CIO  JULY  1,  2002  •  www.cio.com 


they’ve  got  to  stay  ahead  of  the  cun/e,”  he  says. 

As  does  his  port,  which  finds  the  edge  of  its  tech¬ 
nological  advantage  narrowing  because  of  the  ubiq¬ 
uity  of  IT  applications  in  its  industry.  Accordingly, 
since  1996  PSA  has  focused  not  just  on  improving  its 
own  internal  systems  but  in  expanding  its  opera¬ 
tions  throughout  the  world — buying  shares  of  rival 
ports  and  turning  them  into  franchises  that  grow  the 
PSA  brand.  Today,  PSA  participates  in  joint  ventures 
with  13  ports  in  eight  countries  throughout  Europe 
and  Asia,  and  it  has  established  a  subsidiary  com¬ 
pany,  Portnet.com  (of  which  Yap  is  CEO),  to  mar¬ 
ket  and  sell  Portnet  to  other  ports  worldwide.  The 
latest  customer  is  the  port  of  Seattle,  PSA’s  first  U.S. 
customer. 

By  constant  expansion,  PSA  intends  to  ensure 
that  its  systems  remain  the  industry  standard.  With 
a  proprietary  system  in  every  port  (figuratively 
speaking),  what  rival  could  hope  to  compete? 

“I  don’t  see  any,”  Yap  says.  “But  the  challenge 
isn’t  building  the  application; 
it’s  who  really  has  the  innova¬ 
tive  idea.” 

By  spreading  its  technology 
globally,  PSA  has,  for  the  time 
being,  maintained  its  edge. 

And  that’s  Yap’s  plan.  HE 


cio.com 

What’s  your  next  foreign  stop? 
Make  it  the  GLOBALIZATION 
RESEARCH  CENTER  at 

www.cio.com/global. 


PHOTOS  COURTESY  OF  PSA  CORP. 


F'Y  JE 

ip  .My| 

-  y 

IBB 

A-  . v  AA  * 

—  -  .4^  . 

Basic  r-Bv^aP, 

i  ■  V;'.; 

c :  '  ‘  B  1  ' 

■  j 

'  .  »  !  ■  : 
-  | 

/ 

MAYBE  “CUSTOMER  SERVICE” 

SHOULD  BE  MOBE  THAW  OWE 

DEPARTMENT. 


When  everyone  focuses  on  customers,  something  amazing  happens:  departments 
communicate,  questions  get  answered,  and  products  keep  moving.  That’s  why  the  mySAP™ 
Customer  Relationship  Management  solution  links  customers  with  your  complete 
organization.  It  keeps  data  consistent  across  all  touch  points  and  it’s  the  only  CRM  solution 
that  integrates  with  all  other  business  processes,  so  it  shortens  sales  cycles  and  lowers  costs. 
Which  means  your  customers  won’t  be  waiting  around  for  good  service,  they  ’ll  be  too  busy 
getting  it.  For  more  info,  visit  www.sap.com 


THE  BEST-RUN  E-BUSINESSES  RUN  SAP 


Inside 

Cool  Product 

New  wireless 
handheld . 102 

Under 

Development 

DNA  computing  ..  104 

Pundits 

Thomas  N.  Theis  on 
nanotechnology  ..  106 


Fortune  Telling 

New  predictive  intelligence  tools  may  clear  cloudy  futures 

BY  DAVID  L.  MARGULIUS 


Edited  by  Christopher 
Lindquist.  Send  your 
thoughts  and  ideas 
for  future  columns  to 
clindquist@cio.com. 


WHAT  TYPE  OF  PERSON  takes  a  midweek  ski 
trip?  American  Skiing  Co.,  which  operates  eight 
ski  resorts  in  the  United  States,  needed  to  find 
out.  Its  flagship  East  Coast  resort,  Killington  in 
Vermont,  was  full  on  weekends  but  emptier 


midweek,  and  it  was  clear  that  untargeted  mar¬ 
keting  wasn’t  going  to  fill  the  chairlifts. 

Together  with  Newburyport,  Mass.,  startup 
Genalytics,  American  Skiing  combed  its  customer 
database  for  the  answer.  Applying  what  it  calls 


Organic  computers. ..Nanotech. ..Predictive  intelligence 


38  CIO  JULY  1,  2002  •  www.cio.com 


Information  Technology  is  more  than  our  name.  It's  what  we're  all  about.  IT  that  helps  agencies  throughout 

i 

the  federal  government  turn  data  into  decisions.  IT  that  ensures  security  and  enables  government  to 
operate  more  efficiently  and  effectively.  Our  services  encompass  enterprise-wide  solutions  and  support 
for  critical  infrastructure,  business  and  mission  systems.  Lockheed  Martin  Information  Technology.  More  than 
7,000  IT  professionals  helping  make  America  a  better  place  to  live. 


■j  Emerging  Technology 


“Darwinian  genetic  algorithms,”  Genalytics 
created  more  than  50,000  predictive  test 
models  for  American  Skiing  in  three  days, 
each  emphasizing  different  combinations 
of  variables,  such  as  travel  time  or  number 
of  kids.  The  software  then  took  the  most 
predictive  models  and  “mated”  them  to 
“breed”  even  more  insightful  models. 

The  exercise  showed  that  the  customers 
most  likely  to  visit  Killington  midweek 
were  those  who  had  never  visited  the  com¬ 
pany’s  western  resorts — such  as  Steamboat 
in  Steamboat  Springs,  Colo. — presumably 
because  skiers  tended  to  spend  a  week  at 
Steamboat,  thereby  using  up  their  midweek 
vacation  days.  Based  on  this  finding,  the 


company  stopped  marketing  midweek 
Killington  packages  to  those  customers  and 
instead  started  offering  more  synchronized 
cross-promotions  between  Killington  and 
Steamboat.  (And  like  most  predictive  intel¬ 
ligence  users,  the  company  refuses  to  dis¬ 
cuss  actual  results,  for  competitive  reasons.) 

“The  ability  to  be  iterative  was  crucial,” 
says  Diane  Murphy,  former  director  of  data¬ 
base  marketing  for  American  Skiing  in 
Bethel,  Maine.  The  new  fast-modeling  tech¬ 
nology  helped  avoid  misleading  indicators 
and  helped  get  to  a  truly  predictive  result 
at  a  manageable  cost. 

Power  Surge 

Welcome  to  the  realm  of  predictive  intelli¬ 
gence,  a  new  generation  of  analytical 
applications  that  are  leveraging  faster  pro¬ 
cessing  speeds,  more  complex  algorithms 
and  existing  data  mining  infrastructures 
to  help  enterprises  push  back  the  fog  of 
the  unknown.  Although  statistical  fore¬ 
casting  has  been  around  for  decades, 
what’s  changed  is  the  ability  to  quickly  and 


cheaply  analyze  huge  amounts  of  data, 
examine  more  variables,  uncover  previ¬ 
ously  hidden  relationships  and  deliver  star¬ 
tlingly  accurate  predictions  without  hiring 
a  roomful  of  white-coated  PhDs. 

“The  technology  for  processing  has  got¬ 
ten  remarkable,”  says  Stacie  McCullough 
Kilgore,  a  senior  analyst  at  Cambridge, 
Mass.-based  Forrester  Research.  “This  really 
changes  the  nature  of  modeling.” 

Across  large  enterprises,  predictive  intel¬ 
ligence  technology  is  being  used  for  a  stun¬ 
ningly  broad  set  of  applications.  Sports 
teams  are  using  it  to  predict  when  star  ath¬ 
letes  might  get  injured.  Banks  use  it  to 
detect  money  laundering  and  insider  trad¬ 


ing.  Retailers  are  forecasting  demand 
down  to  the  store  and  item  level.  Man¬ 
ufacturers  use  it  in  product  design  and  to 
forecast  equipment  failure.  Drug  compa¬ 
nies  use  it  to  develop  drugs  and  then  fig¬ 
ure  out  what  marketing  programs  will 
cause  doctors  to  write  more  prescriptions. 

“Most  of  the  traditional  systems  com¬ 
panies  have  used  have  not  been  able  to 
draw  correlations  to  other  external  fac¬ 
tors,”  explains  Kilgore.  With  this  new  tech¬ 
nology,  a  retailer  that  traditionally  made 
forecasts  based  on  last  year’s  sales,  for 
example,  can  now  factor  in  external  vari¬ 
ables  such  as  the  opening  of  a  competitor’s 
store  a  couple  miles  away.  And  a  boxing 
promoter  looking  to  predict  attendance 
might  run  a  model  incorporating  weather 
and  economic  indicators  along  with  the 
prominence  of  the  fighters. 

With  academic-sounding  names  like 
support  vector  machines,  these  new  pre¬ 
dictive  intelligence  techniques  and  algo¬ 
rithms  are  often  used  together  with  older 
approaches,  such  as  regression  analysis 


and  neural  networks,  along  with  work- 
flow-based  mechanisms  that  allow  for 
human  input  into  forecasts. 

“Predictive  intelligence  requires  a  fluid 
combination  of  multiple  technologies,”  ex¬ 
plains  Bob  Moran,  an  analyst  at  Aberdeen 
Group  in  Boston.  Most  of  the  algorithms 
search  for  patterns  in  large  amounts  of 
data.  Survival  analysis,  for  example,  looks 
at  factors  leading  up  to  an  event  such  as  an 
engine  failure.  Many  of  the  algorithms  fit  in 
the  broad  category  of  probabilistic  or  sto¬ 
chastic  modeling — they  look  at  the  proba¬ 
bility  that  a  specific  event  or  combination 
of  events  will  have  an  impact  on  the  future. 

The  new  models  can  often  run  right  on 
top  of  art  existing  transactional  system  or 
data  warehouse,  rather  than  requiring  a 
separate  database  and  ETL  (extract,  trans¬ 
form  and  load)  process.  Many  also  claim  to 
be  adaptive,  or  self-tuning,  to  avoid  the 
need  for  constant  care  and  feeding  from  a 
large  professional  staff. 

New  Names  and  Old 

Predictive  intelligence  software  and  serv¬ 
ices  come  from  a  slew  of  startups  like 
DemandTcc,  Genalytics  and  Mantas  that 
are  focused  on  particular  applications  such 
as  financial  fraud  detection,  supply  chain 
demand  visibility  or  retail  forecasting. 
Traditional  analytics  vendors  such  as 
Hyperion,  SAS  and  Teradata  also  have 
predictive  offerings,  as  do  applications  ven¬ 
dors  such  as  Computer  Associates,  Epi¬ 
phany,  Manugistics  and  PeopleSoft. 

In  fact,  more  predictive  analytics  capa¬ 
bilities  are  appearing  under  the  hood  of 
packaged  CRM,  ERP  and  SCM  applica¬ 
tions,  where  they’re  accessible  to  a  broad  set 
of  users  who  previously  relied  on  spread¬ 
sheets,  gut  instinct  or  a  separate  analytics 
department.  “What’s  new  is  the  packag¬ 
ing  of  predictive  technology  in  a  business 

cio.com 

Read  Chris  Lindquist’s  TECH  TACT: 

NEW  TOOLS  FOR  NEW  JOBS, 

every  Monday  at  www.cio.com. 


Across  large  enterprises,  predictive 
intelligence  technology  is  being  used  for 
a  stunningly  broad  set  of  applications. 


100  CIO  JULY  1,  2002  •  www.cio.iom 


YOU  NEED  TO  GET  SMART  FAST. 


Systems  Integration,  Enterprise  Architecture,  ERP,  CRM, 
E-Commerce,  Supply  Chain  Management,  Networking,  KM, 
Security:  You’ve  got  your  hands  full.  What  can  these  enterprise- 
spanning  applications  really  do  for  your  business?  How  do 
you  maximize  their  potential  and  limit  their  risks?  Turn  to 
the  CIO  FOCUS™  on  FUNDAMENTALS  OF  ENTERPRISE  I.T.- 
actionable  information  created,  filtered  and  packaged  by  the 
award-winning  editors  of  CIO  magazine. 

CIO  FOCUS™  is  delivered  right  to  your  desktop,  giving  you 
immediate  access  to  the  information  you  need.  And  for  your 
future  reference  needs,  the  electronic  file  is  followed  by  a 
packaged  version,  shipped  within  72  hours.  Available  now  at 
an  introductory  price. 

FOCUS™ 

STRATEGIC  GUIDES  FOR  EXECUTIVE  DECISION  MAKING 


CIO  FOCUS™ 

IT  Value:  Measurement  Tools 
and  Techniques  That  Work 

Fundamentals  of  the  CIO  Role 

Security  ASAP:  How  to  Be 
As  Safe  As  Possible 

Applied  Wireless:  Making 
Wireless  Work  in  Business 

Security  Incident  Planning: 
How  to  Prepare  to  Respond 
and  Recover 

Strategic  Planning:  How  to 
Develop  and  Align  IT  Strategy 


FOR  EXECUTIVE  DECISION  SUPPORT  TOOLS,  VISIT  THE  CIO  STORE-THE  CIO’S  KNOWLEDGE  MARKETPLACE 

www.theCIOstore.com 


Emerging  Technology 


process  context,”  says  Henry  Morris,  EDC 
analyst  and  vice  president  of  research  in 
Framingham,  Mass.  (IDC  is  a  sister  com¬ 
pany  to  C/O’ s  publisher,  CXO  Media.) 

The  dramatic  failure  of  traditional  sup¬ 
ply  chain  analytics  to  predict  last  year’s 
demand  downturn  has  spurred  a  lot  of 
thinking  about  how  to  go  beyond  just 
extrapolating  from  the  past.  Startups  such 
as  elntelligence,  OneChannel  and  Spotfire 
tout  their  ability  to  combine  human  col¬ 
laborative  input  with  advanced  modeling 
to  create  scenarios  for  better  visibility  into  i 


good  data  inputs,  and  having  people  who 
can  understand  the  models  and  help  trans¬ 
late  their  output  into  action. 

“You  need  to  take  it  a  little  bit  at  a 
time,  set  some  short-term  objectives  and 
understand  exactly  what  you’re  looking 
to  get  out  of  it,”  says  Allen  Brewer,  CIO 
of  AIG’s  e-business  risk  solutions  group  in 
New  York  City.  Brewer’s  organization 
uses  predictive  software  from  Computer 
Associates  along  with  homegrown  algo¬ 
rithms  to  evaluate  potential  credit  insur- 
I  ance  customers,  helping  to  accurately 


A  boxing  promoter  looking  to 
predict  attendance  might  run  a  model 
incorporating  weather  and  economic 
indicators  along  with  the  prominence 
of  the  fighters. 


the  demand  chain  or  other  forecasting 
challenges  with  lots  of  unknowns. 

“When  Britney  Spears  comes  out  with 
her  new  CD,  you  have  no  idea  how  it’s 
going  to  do,”  points  out  Forrester’s  Kilgore. 
Given  this  lack  of  historical  data,  models 
that  can  take  into  account  potentially  sig¬ 
nificant  variables  suggested  by  a  knowl¬ 
edgeable  human  being,  such  as  record 
company  promotions  or  regional  influ¬ 
ences,  can  be  effective. 

“There’s  this  mental  voodoo  that  peo¬ 
ple  are  doing  based  on  some  report  they 
print  out  and  bring  to  the  meeting,”  says 
Randy  Mattran,  IS  leader  for  business 
intelligence  at  Best  Buy  in  Eden  Prairie, 
Minn.,  a  prospective  user  of  predictive 
analytics.  “We’re  trying  to  capture  some 
of  that  voodoo  in  the  system.” 

Predicting  Success 

Customers  that  implement  predictive 
intelligence  technology  almost  uniformly 
emphasize  three  success  factors:  being 
clear  about  the  goals  of  the  project,  having 


predict,  for  example,  three  bankruptcies 
in  the  first  quarter  of  2002.  He  says  that 
without  the  software,  AIG  couldn’t  have 
entered  the  midsize  business  market  for  its 
credit  insurance  products. 

Start  with  a  specific  goal  in  mind,  users 
say,  and  figure  out  how  to  frame  the 
problem  and  which  models  to  use.  “Does 
the  model  fit?  Can  you  include  the  rele¬ 
vant  variables?”  asks  Best  Buy’s  Mattran. 
Focusing  on  the  right  data,  he  explains, 
is  more  important  than  the  underlying 
mathematical  algorithm  in  determining 
whether  “your  scorecard  improves  ver¬ 
sus  what  you  did  with  a  mental  model 
and  Excel  spreadsheets.” 

Second,  focus  on  getting  the  right  data 
inputs  and  on  working  with  clean  data, 
which  means  having  the  right  cleansing 
routines  and  sanity  checks  on  data  qual¬ 
ity.  There  are  a  lot  of  exogenous  variables 
that  most  companies  don’t  account  for  in 
the  data  warehouse,  says  one  IT  manager 
at  a  large  manufacturing  company,  not¬ 
ing  such  things  as  data  on  upcoming 


Cool 

Product 


Good  and  Wireless 

STARTUP  COMMUNICATIONS 

company  Good  Technology  has 
announced  the  release  of  its  first 
product,  the  Good  G100  Wireless 
Handheld  device. 

The  palm-size  communicator 
resembles  a  Research  in  Motion 
BlackBerry  but  offers  some  extra 
features,  including  a  keyboard  with 
slightly  curved  keytops  to  provide 
the  sense  of  more  thumb  space 
and  a  navigation  bar  that  can  be 
used  with  either  hand.  The  4.7- 
ounce  G100  also  features  a  backlit 
212-pixel-by-138-pixel  screen  and 
a  lit  keyboard  for  sending  and 
viewing  messages  in  low  light  or 
dark  conditions.  The  screen 
provides  16  levels  of  grayscale, 
allowing  users  to  see  more  detail 
in  retrieved  documents. 

The  product  works  with  the 
company's  GoodLink  wireless  data 
access  service  that  provides  two- 
way,  cradle-free  synchronization 
with  Microsoft  Exchange  servers. 
The  G100  communicator  can  also 
be  used  with  Goodlnfo,  which  offers 
integration  with  corporate  data  in 
enterprise  applications,  such  as 
those  from  Oracle  and  Siebel. 

Pricing  for  the  G100  hasn’t  been 
set,  though  the  company  claims 
it  will  be  competitive  with  other 
similar  products,  Pricingforthe 
GoodLink  service  varies  by  imple¬ 
mentation.  For  more  information, 
visit  www.good.com. 

- Christopher  Lindquist 


102  CIO  JULY  1,  2002  •  www.cio.com 


October  6  -  8,  2002 
Loews  Coronado  Bay  Resort 
Coronado,  California 


DIFFERENT 


BUILDING  STRATEGIC  PARTNERSHIPS  TO  TRANSFORM  THE  BUSINESS 


SHARED 


THE  SUCCESS  OF  ANY  I.T.  OR  BUSINESS  INITIATIVE 
relies  on  our  ability  to  build  strategic  partnerships  with 
corporate  and  business  unit  management,  key  suppliers, 
vendors  and  customers.  That  success  will  only  come 
when  many  different  voices  embrace  shared  visions. 

To  get  there,  we  need  solid  strategies,  clear  prioritiza¬ 
tion,  understanding  and  buy-in— along  with  the  right 
infrastructure  and  resources  in  place.  Join  us  as  your 
CIO  peers  share  visions  on  ways  to  create  new  business 
value,  a  higher  ROI  and  more  strategic  deployment  of 
technology. 


Corporate  Hosts 


>,  \l  n  EDWARDS 
□  INTEL  CORPORATION 


retailer  promotions,  which  may  not  be 
routinely  fed  back  into  a  manufacturer’s 
forecasting  system.  The  manager  also 
notes  that  making  predictive  analysis  work 
requires  significant  up-front  investment  in 
providing  current  data. 

And  finally,  make  sure  there  are  people 
on  staff  who  know  how  to  operate  the 
model,  understand  the  output  and  are 
prepared  to  take  action  based  on  it. 
“Companies  should  be  very  leery  if  they 
think  they  can  use  these  tools  in-house 
without  any  kind  of  expertise,”  says 
Forrester’s  Kilgore,  referring  both  to  mod¬ 
eling  experts  as  well  as  people  who  can 
translate  the  models  into  plain  English  for 
end  users.  The  models  need  to  be  under¬ 
standable  by  the  managers  who  will  use 
the  output — they  can’t  just  be  a  black  box. 

“You  can’t  just  say,  Trust  me,  it’s  a  fine 
model,”’  agrees  Dreyfus  Executive  Vice 
President  Prasanna  Dhore  in  New  York 
City,  who  combined  his  division’s  ana¬ 
lytics  team  with  sales  and  marketing  to 
ensure  that  the  results  of  modeling  would 
get  translated  into  action.  “Your  data  min¬ 
ing  or  analytical  group  can  be  off  on  a  tan¬ 
gent  building  wonderful  models,  but  then 
nothing  gets  implemented.” 

Dhore’s  group  used  predictive  “linear 
and  nonlinear  models”  from  SAS  to  deter¬ 
mine  why  asset  redemptions  (such  as  peo¬ 
ple  pulling  their  money  out  of  mutual 
funds)  at  the  funds  group  were  higher  than 
industry  standard  levels.  The  group  also 
used  the  models  to  predict  when  individ¬ 
ual  customers  are  likely  to  churn  so  that 
they  can  be  targeted  for  special  attention. 
Dhore  credits  the  technology  with  help¬ 
ing  reduce  asset  redemptions  to  around 
7  percent  of  assets  per  yeap  well  below  the 
industry  standard.  “To  a  large  extent  that 
was  because  of  the  success  of  our  data  min¬ 
ing  and  predictive  modeling,”  he  explains. 
“The  amount  of  data  you  can  handle  now 
makes  it  so  easy.”  ■ 


David  L.  Margulius  is  a  San  Francisco-based 
technology  analyst  and  consultant.  He  can  be 
reached  at  dave@enterpriseupdate.com. 


UNDER  DEVELOPMENT 

QNA  computing 

Cellular  Processing 

THE  LATEST  COMPUTER  to  come  out  of  the  University  of  Southern  California  isn’t 
newsworthy  for  its  small  size  or  computational  power.  It’s  notable  because  it  is  made 
from  DNA,  the  microscopic  acids  that  reside  in  every  cell  and  are  responsible  for  all  life. 
The  DNA  computer,  which  more  closely  resembles  a  biochemistry  lab  than  a  PC,  was  the 
first  nonelectronic  device— including  the  human  mind— to  solve  a  logic  problem  with 
more  than  1  million  possible  answers. 

Len  Adleman,  the  USC  professor  who  led  the  research,  says  that  DNA  is  actually  quite 
similar  to  binary  code.  Each  DNA  strand  is  made  up  of  some  combination  of  A's,  T’s,  C’s 
and  G’s  that  act  just  like  a  computer’s  l’s  and  0’s.  Furthermore,  DNA  copies,  stores  and 
parses  information  like  a  human  hard  drive  and  processor.  "Inside  the  cell  you  have  all 
the  basic  tools,”  says  Adleman.  “It's  just  a  matter  of  carrying  out  the  computation.” 

The  problem  Adleman’s  DNA  computer  solved  involved  20  variables.  For  example, 
John  wants  a  car  that  is  red,  has  a  sunroof,  four-wheel  drive  and  so  on.  Adleman's  team 
coded  strands  of  DNA  with  all  the  possible  answers  and  then  subjected  the  strands  to  a 
series  of  steps  that  eliminated  ones  with  incorrect  answers  until  only  the  strand  with  the 
correct  answer  remained.  All  in  all,  it  took  about  two  days.  On  a  traditional  computer, 
Adleman  says,  “that  problem  would  take  less  than  a  second.  Electronic  computers 
transcended  that  [kind  of  problem]  50  years  ago." 

While  the  experiment  convinced  Adleman  that  DNA  computers  will  never  be  able  to 
rival  their  electronic  counterparts  for  speed  without  an  unforeseen  scientific  break¬ 
through,  he  does  think  that  they  have  a  future  niche.  One  day,  a  DNA  computer  pro¬ 
grammed  to  react  to  the  presence  of  a  toxin,  such  as  cancer,  could  be  embedded  into  a 
cell.  When  it  detects  the  toxin,  the  computer  would  respond  by  directing  the  cell  to 
replicate  and  chemoluminesce  or  “glow.”  The  glow  could  be  seen  with  the  naked  eye 
allowing  for  early  disease  detection  and  saving  lives.  Let’s  see  a  ThinkPad  do  that. 

-Ben  Worthen 


Emerging  Technology 


104  CIO  JULY  1,  2002  •  www.cio.com 


ILLUSTRATION  BY  JASON  HOWARD  STATTS 


FIND  OUT  WITH  THE  STATE  OF  THE  CIO  SURVEY 


Get  the  definitive  data  on  CIO  salaries,  responsibilities 
and  priorities  with  THE  STATE  OF  THE  CIO  SURVEY— 
original,  in-depth  research  on  the  changing  trends  of 
the  CIO  role  and  the  challenges  CIOs  face. 

Find  out  from  your  peers  which  industries  pay  CIOs 
the  most.  How  do  IT  budgets  compare  by  industry  and 
by  company  size?  How  does  the  CIO  role  vary  between 
industries?  What  are  the  skills  needed  to  get  ahead? 
And  what  is  the  next  step  on  the  corporate  ladder? 


anil 

CIO  RESEARCH  SERIES’" 

Counsel  and  Intelligence  from  IT  Executives  and  the 
Editors  of  CIO  Magazine 


These  exclusive  survey  results— 
based  on  interviews  with  500 
heads  of  IT— provide  benchmark¬ 
ing  information  by  industry 
on  salary,  size  of  IT  staff,  users 
supported,  IT  budget  and  more. 
Information  that  will  help  you 
measure  up. 

For  only  $495,  THE  STATE  OF 
THE  CIO  is  delivered  right  to  your 
desktop  giving  you  immediate 
access  to  the  information  you 
need.  And  for  your  future  refer¬ 
ence  needs,  a  packaged  version, 
shipped  within  72  hours,  can  be 
ordered  for  an  additional  $100. 


FOR  EXECUTIVE  DECISION-SUPPORT  TOOLS,  VISIT  THE  CIO  STORE-THE  CIO’S  KNOWLEDGE  MARKETPLACE 

www.theCIOstore.com 


Emerging  Technology 


PUNDITS 

Thomas  N,  Theis 

Nanotech  Revolution 

Hype  aside,  here’s  what  to  expect  as  nanotech  grows  up 


WHEN  IT  COMES  TO  MATTER,  size  really 
does  matter.  The  properties  of  materials 
that  we  notice — color,  hardness,  electrical 
conductivity  and  so  on — all  depend  on  the 
nature  and  structure  of  the  constituent 
atoms  and  molecules.  With  increasing 
ability  to  design  and  build  on  an  atomic 
and  molecular  scale — a  reasonable  defini¬ 
tion  of  nanotechnology — we  are  becoming 
better  and  better  at  developing  materials 
with  entirely  new  properties.  Those  mate¬ 
rials,  in  turn,  become  the  building  blocks 
for  more  complex  systems  and  entirely 
new  products. 

But  when  an  emerging  technology  is  the 
subject  of  as  much  hype  as  nanotech,  it’s 
easy  to  tune  out  and  stop  listening.  That 
would  be  a  big  mistake.  If  we  ignore  the 
unsupported  claims  and  misguided  specu¬ 
lation,  especially  about  what  might  be 
achieved  in  the  near  term — -there  remain 
solid  reasons  to  expect  significant  long¬ 
term  developments  in  what  the  National 
Science  Foundation  estimates  to  be  a 
trillion-dollar-plus  industry  during  the  next 
10  to  15  years. 

Why  nanotech?  With  it,  today’s  super¬ 
computer  could  become  tomorrow’s  wrist- 
watch  personal  assistant.  Buildings  and 
machines  could  signal  when  they  need 
maintenance — and  perhaps  repair  them¬ 
selves.  Our  clothing  could  monitor  our 
health  and  alert  us  to  environmental  haz¬ 
ards.  All  of  these  wonders,  and  many  more, 
are  scientifically  possible.  The  difficulty 
comes  in  figuring  out  how  and  when  these 
things  will  happen. 

The  biggest  nanotech  market  now,  and 
probably  for  some  time,  is  in  materials.  The 
use  of  nanosize  particles  in  products  such  as 
cosmetics,  sunscreen,  paints  and  a  host  of 


other  products  is  already  commonplace. 
Specialized  nanotech  startups  are  emerging 
in  droves,  and  new  industries  could  grow 
up  around  them.  Right  now,  for  example,  it 
is  difficult  to  count  the  number  of  startups 
selling  carbon  nanotubes  (the  strongest  and 
most  conductive  fibers  known),  even  though 

Potential  nanotech 
applications 
of  sensitive, 
inexpensive 
sensors  are  almost 
unlimited. 

there  are,  so  far,  no  proven  commercial 
applications  of  nanotubes.  Researchers  are 
also  learning  to  assemble  molecule-size  com¬ 
ponents  into  complex  composite  materials 
and  “smart”  materials.  Several  laboratories, 
for  example,  are  developing  nanostructured 
membranes  for  efficient  filtering  of  pollu¬ 
tants  from  water  or  air. 

But  while  materials  are  essential,  it  is  the 
prospect  of  new  devices  and  gadgets  that 
truly  captures  our  imagination.  Research  on 
nanosensors,  for  example,  is  burgeoning. 
The  potential  applications  of  sensitive,  selec¬ 
tive,  inexpensive  sensors  are  almost  unlim¬ 
ited — from  medical  diagnostics  to  chemical 
and  biohazard  detection.  No  wonder  many 
startup  companies  and  university  research 
groups  are  playing  in  this  arena. 

Will  we  someday  integrate  functional 


nanocomponents  into  the  complex  systems 
of  IT?  In  a  sense,  we  already  do.  Even  today, 
transistor  dimensions  are  measured  in 
nanometers.  IBM  has  shipped  more  than 
5  million  disk  drives  with  a  new  nano¬ 
structured  magnetic  coating  (humorously 
referred  to  as  Pixie  Dust),  which  will  allow 
us  to  quadruple  the  data  storage  capacity 
of  our  products. 

There  are,  however,  looming  obstacles 
to  further  progress.  First,  as  the  compo¬ 
nents  have  shrunk,  manufacturing  costs 
have  risen.  And  even  if  manufacturing 
costs  can  be  capped,  there  are  physical  lim¬ 
its  to  the  minimum  size  of  a  useful  silicon 
transistor  or  the  data  storage  density  of  a 
magnetic  disk. 

That  is  why  many  industry  and  univer¬ 
sity  laboratories  are  exploring  entirely  new 
devices  to  process  and  store  information. 
IBM  scientists,  for  example,  have  been 
exploring  the  potential  of  carbon  nanotube 
transistors.  We  are  certain  that  these  can  be 
made  smaller  than  any  possible  silicon  tran¬ 
sistor,  and  they  may  beat  silicon  in  perform¬ 
ance  as  well.  We  are  also  exploring  exotic 
new  ways  of  storing  information.  One,  a 
nanomechanical  system  called  Millipede, 
stores  data  as  minuscule,  erasable  indenta¬ 
tions  in  a  thin  plastic  film.  Millipede  might 
someday  allow  a  trillion  bits  of  information 
to  fit  inside  a  thin  wristwatch. 

However,  don’t  expect  these  new  nano¬ 
devices  in  your  computer  right  away. 
Hundreds  of  millions  of  transistors  are  inte¬ 
grated  in  the  latest  microprocessor  chips. 
In  contrast,  last  year  IBM  built  a  two- 
transistor  logic  circuit  from  a  single  carbon 
nanotube — and  that  was  the  world’s  first. 
It  will  take  some  time — probably  more 
than  10  years — to  learn  how  to  integrate 
billions  of  nanotube  transistors  into  a  use¬ 
ful  system.  But  whether  or  not  new  nano¬ 
devices  eventually  displace  the  silicon 
transistor  and  the  magnetic  disk,  nano¬ 
technology  is  the  future  of  information 
technology.  Stay  tuned.  BE! 


Thomas  N.  Theis  is  the  director  of  physical 
science  at  IBM's  T.J.  Watson  Research  Center. 


106  CIO  JULY  1,  2002  •  www.cio.com 


ABout- 

*  /n-fot-nvston  as  a 
d'-f-Poren-tiaW 

*  Leveraging  exis-fa, 

*  Bene-fits  of  fKe  , 
ovfcevpvise 


dorhpfti£ivc 


A  webcast 
worth  your  time. 

Anytime. 

View  now  and  discover  how  moving  from  a  static  to  a  real-time  information  delivery 
environment  for  the  extended  enterprise  will  give  you  an  edge  over  the  competition. 

ITworld.com  and  CIO  Magazine  invite  you  to  join  speakers  from  Federal  Express  and 
Information  Builders  for  a  unique  look  at  the  next  growth  area  of  business  intelligence— 
the  real-time  enterprise.  Learn  how  making  the  move  will  improve  customer  service, 
reduce  internal  costs  and  increase  revenues. 

Don’t  wait  another  minute,  watch  this  program  today.  You  can  jump  back  and  forth  from 
segment  to  segment  viewing  only  those  you  are  interested  in,  or  watch  the  entire  Webcast. 
Whatever  your  preference,  nothing  is  more  convenient.  View  this  program  today! 


View  at:  www.itworld.com/itwebcast/ibLl 


Sponsored  by 

Information 

Builders 


Produced  by 

131 


Reality  Bytes 

A  Cold  Look  at  Hot  Trends 


Summertime 
and  the  Books 
Are  Cheesy 


Every  season  is  the  silly  season  in  the  business  books 
field.  But  summertime  isthetimeto  samplethem. 

BY  MEGAN  SANTOSUS 


NOW  THAT  IT’S  SUMMERTIME  and  the  living  is  (putatively)  easy,  it’s 
traditional  to  shift  gears,  kick  back  and  pick  up  a  good  book. 
But  if  you’re  the  monomaniacal,  workaholic  type  that  can’t 
imagine  ever  diverting  her  attention  from  the  job  long  enough 
to  sample  a  mystery,  thriller  or  any  other  sort  of  light  beach 
reading,  you  can  dip  into  one  of  the  myriad  business  books  now 
available  that  promise  to  educate  as  well  as  entertain.  (And 
when  I  say  you,  of  course,  I  don’t  mean  me.  I  wouldn’t  touch 
any  of  these  books  with  the  proverbial  10-foot  pole.) 

History  Comes  Alive 

The  growing  compendium  of  books  about  Jack  Welch  notwith¬ 
standing,  a  current  trend  in  business  book  publishing  is  to  hold 
up  historical,  military  and  sports  figures  as  paragons  of  mana¬ 
gerial  acumen.  One  of  the  more  intriguing  recent  selections  is 
Moses  on  Management:  SO  Leadership  Lessons  from  the 
Greatest  Manager  of  All  Time,  by  David  Baron  and  Lynette 
Padwa.  I  haven’t  actually  read  the  book,  so  I  can’t  begin  to 
fathom  how  calling  down  a  rain  of  frogs,  afflicting  your  ene¬ 
mies  with  boils  or  parting  a  major  body  of  water  is  analogous  to 


any  aspect  of  running  a  business.  (Although  it  would  certainly 
be  handy.  Imagine:  one  moment  your  employee  is  asking  for  a 
raise,  the  next  he’s  neck  deep  in  frogs.  Not  to  mention  boils.)  Yet 
the  write-up  on  Amazon.com  makes  Moses  sound  like  a  real 
management  genius,  someone  who  has  a  lot  to  teach  CIOs 
grappling  with  decimated  budgets,  inchoate  strategies  and 
demoralized  employees.  Moses  apparently  was  a  whiz  at  face- 
to-face  negotiations  (having  the  Angel  of  Death  in  your  back 
pocket  is,  of  course,  an  ace  in  the  hole  not  available  to  most  jE 

CL 

CIOs)  and  a  master  motivator.  He  also  never  saw  a  crisis  he  £ 
couldn’t  turn  into  an  opportunity  for  change  management  and  S 
empowerment.  Sounds  like  a  bona  fide  business  guru  to  me. 

If  Moses  is  a  bit  too  far  removed  from  the  here  and  now,  “ 

O 

maybe  Alan  Axelrod’s  Elizabeth  I,  CEO:  Strategic  Lessons  5 

CL 

from  a  Leader  Who  Built  an  Empire  will  seem  more  relevant  £ 
to  our  modern  sensibilities.  Again,  I  haven’t  exactly  read  it,  d 


10  8  CIO  JULY  1,  2002 


www.cio.com 


ERP  and  CRM 


r 

L. 


Trying  to  take  the  guesswork  out  of  implementing  an  ERP  or 
CRM  application  may  seem  like  an  impossible  task.  Between 
evaluating,  negotiating,  budgeting,  selecting,  and  executing 
the  plan,  the  "unknowns"  can  seem  daunting,  and  the  process 
never-ending. 


TURN  TO  YOUR  PEERS— who  have  walked  this  path  before 
you— for  advice.  The  2002  ERP  and  CRM  Vendor  Scorecard 
from  Peerstone  Research  captures  the  challenges,  benefits, 
and  advice  from  the  true  experts— 163  Enterprise  Application 
users  — real  practitioners  whose  experience  will  help  you  make 
the  right  decision  for  your  enterprise. 

For  only  $795,  the  2002  ERP  and  CRM  Vendor  Scorecard  is 


Included  Are: 

^GB3233EB5P  Tour  peers  grade  the  big 
4  ERP/CRM  vendors'  performance  on 
features,  ROI,  software  quality,  ease  of 
integration,  and  vendor  services. 


Reviews  of  the  vendors  and 
verbatim  comments  from  your  peers  — 
both  pro  and  con— for  each. 


Find  out  what  your  peers  are 
saying  about  enterprise  applications' 
ability  to  create  value,  how  to  derive  the 
maximum  benefit  from  ERP  or  CRM,  and 
all  the  other  implementation  questions 
keeping  you  up  at  night. 


delivered  right  to  your  desktop  giving  you  immediate  access  to 
the  information  you  need.  Looking  for  peer-based  ratings  for 
enterprise  software  Systems  Integrators?  See  our  companion 
report,  the  2002  Systems  Integrator  Scorecard.  Printed 
copies,  volume  pricing  and  site  licenses  available  — see  our  web 
site  for  more  information. 


RESEARCH 


In  association  with  CXO  Media  Inc.,  publisher  of  CIO  and  Darwin  magazines 


FOR  EXECUTIVE  DECISION  SUPPORT  TOOLS,  VISIT  THE  CIO  STORE-THE  CIO’S  KNOWLEDGE  MARKETPLACE 

www.theCIOstore.com 


Reality  Bytes 


but  good  Queen  Bess  sure  sounds  like  a  dynamo.  As  both  a 
coach  and  mentor,  Elizabeth  became  adept  at  communicating 
a  coherent  management  style  (Do  what  I  say  or  I’ll  have  your 
head  cut  off)  and  engendering  loyalty  (Do  what  I  say  or...). 
Perhaps  not  coincidentally,  she  enjoyed  a  44-year  tenure  at  the 
top.  Not  bad. 

As  an  unmarried,  childless,  high-achieving  executive  woman, 
Elizabeth  typifies  the  dilemma  described  in  Creating  a  Life: 
Professional  Women  and  the  Quest  for  Children,  by  Sylvia 
Ann  Hewitt.  Hewitt  profiles  women  who  spend  all  their  time 


Moses  apparently  was  a  whiz  at  face-to-face 
negotiations— although  having  the  Angel  of 
Death  in  your  back  pocket  is,  of  course,  an 
ace  in  the  hole  not  available  to  most  CIOs. 


and  energy  in  their  20s  and  30s  establishing  high-profile  careers, 
only  to  end  up  single,  childless  and  bitter  by  40.  Using  Eliza¬ 
beth’s  story  as  an  object  lesson,  it  just  goes  to  prove  that  such 
a  fate  is  hardly  a  modern  phenomenon  but  one  that  befell 
women  back  in  the  16th  century  as  well.  Makes  one  cranky. 
Makes  one  want  to  cut  off  someone’s  head. 

War  and  Basketball 

In  today’s  rough-and-tumble  business  world,  the  bejeweled 
image  of  Elizabeth  I  may  not  resonate.  A  better  choice  might 
be  a  slightly  crumpled  military  man,  someone  like  Ulysses  S. 
Grant.  In  Cigars,  Whiskey  and  Winning:  Leadership  Lessons 
from  General  Ulysses  S.  Grant,  A1  Kaltman  reveals  the  Civil 
War  general’s  surprisingly  modern  management  side.  To  illus¬ 
trate  Grant’s  mastery  of  250  principles  of  business  success, 
Kaltman  focuses  on  Grant’s  career  ranging  from  his  West  Point 
days  to  his  generalship  in  the  war  with  Mexico  and  the  war 
between  the  states.  Among  the  tips  Kaltman  adumbrates  are 
Grant’s  strategic  planning  prowess  and  his  uncanny  ability  to 
learn  from  his  mistakes,  which,  by  the  way,  were  legion.  It’s 
rather  a  shame  that  Grant  couldn’t  translate  his  military  suc¬ 
cesses  into  other  aspects  of  his  life.  Before  the  Civil  War,  he 
was  a  spectacular  flameout  in  commercial  ventures,  failing  at 
real  estate,  farming  and  retailing.  As  president,  he  stood  watch 
over  an  administration  so  corrupt  and  mired  in  special  inter¬ 
ests  as  to  make  the  gang  that  ran  Enron  seem  like  a  troop  of  Boy 
Scouts.  (To  be  fair,  it  was  never  suggested  that  Grant  himself 
was  dishonest;  he  just  made  some  poor  staffing  decisions.)  But 
as  a  military  man,  Grant  was  indisputably  a  winner,  a  power¬ 
ful  and  ruthless  strategist:  The  sieges  he  levied  at  Vicksburg 


and  Petersburg  stand  to  this  day  as  models  for  sticking  it  to 
the  competition  on  its  home  turf. 

Given  the  state  of  the  world,  I  can  certainly  understand  if  a 
military-themed  book  doesn’t  seem  especially  appealing.  After 
all,  and  as  we  already  stipulated,  it  is  summertime.  Thankfully, 
there’s  no  shortage  of  business  books  written  by  coaches  and 
other  mavens  of  sport.  One  recent  addition  to  the  genre  is 
Leading  with  the  Heart:  Coach  K’s  Successful  Strategies  for 
Basketball,  Business  and  Life,  by  none  other  than  Duke  Uni¬ 
versity’s  head  hoops  guru  Mike  Krzyzewski  (pronounced,  unac¬ 
countably,  shuh-shef-skee).  Running  an  elite  ath¬ 
letic  program,  writes  Coach  K,  is  a  lot  like  man¬ 
aging  any  business  because  talented  individuals 
have  to  come  together,  gel  and  work  as  a  well- 
oiled  unit  toward  achieving  a  common  goal. 

During  his  reign  of  more  than  two  decades 
as  Duke’s  head  coach,  Krzyzewski  has  certainly 
earned  his  reputation  as  a  highly  successful 
recruiter,  motivator  and  organizer.  Year  in  and 
year  out,  fans  can  see  his  Blue  Devils  at  or  near 
the  top  of  the  NCAA  rankings.  However,  unlike  just  about 
any  business  on  the  planet,  Coach  K  never  has  to  contend  with 
budget  cuts  or  downsizing.  He  is  never  asked  to  win  games  with 
four  players  instead  of  five.  One  wonders  how  successful  Coach 
K  would  be  if  he  had  to  mold  a  winning  team  out  of  a  bunch 
of  clock  punchers  whose  sole  reason  for  showing  up  each  day 
was  to  collect  a  paycheck.  College  basketball  players,  after  all, 
sweat  for  glory,  not  silver. 

Or  perhaps  I’m  being  naive. 

So  Many  Books,  So  Little  Time 

If  the  above  choices  don’t  light  your  reading  lamp,  don’t  worry. 
There’s  never  a  shortage  of  oddly  themed  business  books.  How 
about  one  about  the  criminal  underworld  [The  Mafia  Manager: 
A  Guide  to  the  Corporate  Machiavelli)  or  the  spy  trade  (CIA, 
Inc.:  Espionage  and  the  Craft  of  Business  Intelligence ),  just  to 
name  two. 

Still,  as  I  settle  in  for  a  summer’s  worth  of  reading,  I  can’t  help 
but  wonder  why  business  can’t  be  a  metaphor  for  other  life 
endeavors,  instead  of  the  other  way  ’round.  Wouldn’t  you  read 
Continuous  Family  Improvement:  How  to  Fire  Your  Children, 
by  Jack  Welch,  in  which  he  recommends  letting  go  of  under- 
performing  progeny?  Or  We  Are  the  World  2.0,  in  which  Bill 
Gates  tells  the  leaders  of  the  world  how  to  get  along  by  get¬ 
ting  on  the  same  platform. 

Now  those  I  would  read.  HPl 

Opinion  Editor  Megan  Santosus  is  always  looking-for 
a  good  read.  You  can  tout  her  on  your  favorite  book  at 
santosus@cio.com . 


110  CIO  JULY  1,  2002  •  www.cio.com 


THE  FOURTH  ANNUAL 


CIO  MAGAZINE’S  ANNUAL  SYMPOSIUM  &  AWARDS 


Leadership  and  Innovation  for  the  Future  of  the  Integrated  Enterprise 


AUGUST  18-20,  2002  ■  THE  BROADMOOR  ■  COLORADO  SPRINGS,  COLORADO 

Join  your  CIO  peers  and  industry  experts  as  we... 

•  Explore  how  integration  creates  competitive  advantage 

•  Redefine  leadership  -  and  the  role  of  IT  -  in  the  next  business  epoch 

•  Target  the  emergingtechnologies  that  will  change  your  business 

•  Share  lessons  learned  and  best  practices 

Bus 


AUGUST  18-20,  2002  ■  THE  BROADMOOR 


COLORADO  SPRINGS,  COLORADO 


Leadershi 


Partners 


Acxiom  Corporation 


Fujitsu 


Hewlett-Packard 


Novell,  Inc 


PeopleSoft,  Inc 


Sterling  Commerce,  Inc 


SupportSoft,  Inc 


Wheelhouse 


This  year’s  CIO  100  Awards 
Ceremony  is  proudly 
underwritten  by 


SUNDAY,  AUGUST  18 

8:00  AM  -  1:30  PM 

Golf  Tournament 

Tee  up  with  CIO  and  our  Corporate 
Partners  on  The  Broadmoor’s  West 
Course,  designed  by  Robert  Trent 
Jones,  and  known  for  its  challenging, 
steeply-angled  greens, 

3:00  PM  -  5:00  PM 

Registration 

6:00  PM  -  7:30  PM 

Cafe  100  Reception 

Meet  and  network  with  other  partici¬ 
pants,  Award  honorees  and 
Symposium  Partners  in  our  informal 
networking  environment. 

MONDAY,  AUGUST  19: 

Today’s  Challenges 

7:00  AM  -  8:00  AM 

Registration  &  Breakfast 

8:00  AM  -  8:15  AM 

Conference  Welcome 

ABBIE  LUNDBERG 
Editor  in  Chief, 

CIO  Magazine 

8:15  AM  -  9:00  AM 

Future  Forewarned 

PAUL  SAFFO, 

Conference  Moderator 
Director  and  Roy  Amara  Fellow, 
Institute  for  the  Future 
What  business  and  technology  devel¬ 
opments  will  have  the  most  impact 
on  CIOs  in  the  year  to  come?  Saffo 
shares  his  choices  and  why  he  thinks 
these  are  the  key  ones  to  look  out  for. 


9:00  AM  -  9:45  AM 

Achieving  Global  Integration  at 
GM 

CHERRI  MUSSER 
CIO  -  Supply  Chain, 
eGM,  Onstar  Information 
Systems  &  Services 

9:45  AM  -  10:15  AM 

Innovation,  Leadership  and 
Integration 

CRAIG  CONWAY 
CEO,  PeopleSoft,  Inc. 

10:15  AM  -  10:45  AM 

Mid-Morning  Break 

10:45  AM  -  11:30  AM 

Supply  Chain  Lessons  Learned 
from  the  High-Tech  Implosion 

BUD  MATHAISEL 

Corporate  Vice  President  &  CIO, 

Solectron 

Inventory  write-offs  have  been  in  the 
billions  of  dollars.  This  has  been  a 
financial  problem  for  high-tech  com¬ 
panies,  and  a  particular  embarrass¬ 
ment  for  those  companies  with 
vaunted  Internet  connections  to  their 
suppliers  and  customers.  What  went 
wrong?  Was  it  the  systems,  process¬ 
es,  people  or  incentives  that  failed? 
Does  a  risk-based  approach  towards 
supply  chain  management  have 
potential?  Mathaisel  presents  his 
perspective  and  a  framework  for 
helping  to  prevent  the  reoccurrence 
of  this  expensive  set  of  mistakes. 

11:40  AM  -  1:15  PM 

Industry  Briefings 

Our  corporate  partners  present  case 


studies  and  sessions  on  deploying 
the  latest  technologies  and  services. 

1:15  PM  -  2:45  PM 

Working  Luncheon:  Special 
Presentation  on  Security  and 
Privacy 

This  session  is  produced  in  coopera¬ 
tion  with  the  National  Critical 
Infrastructure  Assurance  Office 
(CIAO)  in  the  US  Department  of 
Commerce. 

2:45  PM  -  4:00  PM 

Privacy,  the  Law  and  CIOs 

CHRIS  HOOFNAGLE 
Legislative  Counsel, 

Electronic  Privacy 
Information  Center 
Like  it  or  not,  as  a  CIO 
you  will  be  highly  involved 
in  your  organization’s  electronic 
privacy  policies  —  and  their  legal 
ramifications.  We  look  at  current  and 
proposed  legislation  that  will  have 
major  impact  on  CIOs,  their 
corporate  officers,  customers  and 
employees. 

4:00  PM  -  5:30  PM 

CIO  Executive  Mindshares 

Small  working  groups  explore  the 
leadership  challenges  and  best  prac¬ 
tices  of  specific,  critical  IT/business 
topics.  Members  share  experiences, 
lessons  learned,  mistakes  and  suc¬ 
cesses,  and  new  ideas  for  tackling 
common  problems.  Session  participa¬ 
tion  is  limited  to  CIOs  and  senior  IT 
executives. 


To  enroll  or  for  more  information,  call  800  355-0246,  fax  the  form 
to  508  879-7720,  or  visit  our  Web  site  at  www.cio.com/conferences 


& 


AWARDS 


CEREMONY 


a  t i o  n ■ I  ntegra t  i  o  n 


6:00  PM  -  7:00  PM 
Cafe  100  Reception 

Catch  up  with  our  Symposium 
Partners  and  other  participants  in 
our  informal  networking  lounge. 
Develop  relationships  with  peers 
who  will  serve  as  sources  of  infor¬ 
mation  and  inspiration. 

TUESDAY,  AUGUST  20: 

Tomorrow’s 

Opportunities 

7:00  AM  -  8:00  AM 

Breakfast  &  Informal 
Roundtable  Discussions 

Gather  with  CIO  magazine  editors 
and  fellow  attendees  to  discuss 
common  problems  and  possible 
solutions.  Each  table  has  a  specific 
topic;  choose  one  and  join  in. 

8:00  AM  -  8:15  AM 

Welcome 

PAUL  SAFFO 

8:15  AM  -  9:15  AM 
The  Information  Revolution: 
Why  This  is  Just  the 
the  Beginning 

W.  BRIAN  ARTHUR 
Citibank  Professor, 

Santa  Fe  Institute 
According  to  history,  in 
the  first  stage  of  a  technology  revo¬ 
lution,  a  period  of  speculation  is  fol¬ 
lowed  by  a  crash.  But  we  can  expect 
more  real  innovation  to  come  in  the 
great  build-out  that  follows,  this 
time  driven  by  the  interconnection 
of  business  and  the  appearance  of 
Web-based  services. 


9:15  AM  -  10:15  AM 

The  Future  of  Technology  in 

Business,  Part  I 

While  the  pace  of  innovation  and 
change  in  the  tech  sector  has 
slowed  dramatically,  the  real  build¬ 
out  —  and  the  real  transformation 
of  business  —  is  yet  to  come.  New 
developments  like  the  semantic 
web,  virtual  reality  modeling  lan¬ 
guage  (VRML),  wireless  everywhere, 
cutting-edge  security  tools  and  tech¬ 
niques,  and  the  ability  of  organiza¬ 
tions  to  store  and  manage  over  a 
petabyte  of  information  will  make 
things  possible  that  only  the  futur¬ 
ists  dreamed  about  before.  This 
panel  of  leading  technologists 
explores  some  of  these  critical 
areas. 

10:15  AM  -  10:45  AM 

The  Future  of  Techonology  in 
Business,  Part  II 

The  morning’s  speakers  gather  for 
an  interactive  discussion  about 
where  these  developments  will  lead 
today's  organizations. 

10:45  AM  -  11:15  AM 

Mid-Morning  Break 

11:15  AM  -  12:55  PM 

Industry  Briefings 

1:00  PM  -  2:15  PM 
Networking  Luncheon 

Savor  lunch  and  the  beautiful  view 
from  the  Lakeside  Terrace  while 
you  extend  your  peer  network. 


2:30  PM  -  3:30  PM 
Leading  in  the  Next 
Business/IT  Epoch 
Moderator: 

ABBIE  LUNDBERG 
Editor  in  Chief, 

CIO  Magazine 
Panelists: 

ROB  CARTER 
CIO  &  Executive  Vice 
President,  FedEx 
Corporation 
JERI  DUNN 
CIO,  Nestle  USA,  Inc. 

REBECCA  RHOADS 
CIO,  Raytheon  Company 
IT  is  more  exposed  to, 
and  embedded  in,  the 
business  than  ever  before.  As  we 
emerge  from  the  recession,  what 
will  be  the  next  IT  epoch,  and  how 
will  CIOs  best  lead  their  organiza¬ 
tions  into  it?  This  roundtable  of  CIO 
100  Honorees  discusses  our  current 
state  of  evolution,  where  we’re 
heading  and  the  requirements  of 
the  IT  leadership  role,  including 
shifting  accountability,  governance 
and  organization  models,  the  chal¬ 
lenge  of  ROI,  and  transformation  vs. 
enablement. 


3:30  PM  -  4:15  PM 
Closing  Keynote 

MICHAEL  SCHRAGE 
Inventor,  Columnist  and  Author  of 
‘‘Serious  Play:  How  the  World's 
Best  Companies  Simulate  to 
Innovate" 

4:15  PM  -  4:30  PM 

Closing  Comments 

PAUL  SAFFO  &  ABBIE  LUNDBERG 

4:30  PM  -  6:30  PM 

Free  Time/Informal 
Networking 

6:30  PM  -  7:00  PM 

CIO  100  Awards  Reception 

Put  on  the  evening  wear  for  our 
special  black  tie  reception,  followed 
by  dinner  and  the  awards  ceremony 
to  recognize  this  year’s  CIO  100 
Award  Honorees. 

7:00  PM  -  9:30  PM 

CIO  100  Awards  Dinner  and 
Ceremony 

9:30  PM  -  11:00  PM 

Dessert  Reception 
Hosted  by  CIO  100  Awards 
Ceremony  Underwriter, 
PeopleSoft,  Inc. 

Cap  off  the  evening  with  a  special 
post-awards  reception. 


The  Broadmoor 

The  Broadmoor  Located  in 
Colorado  Springs  at  the  foot  of  the 
Rockies,  The  Broadmoor  provides 
an  environment  of  unparalleled 
beauty  and  luxury  surrounded  by 
the  mountains  and  centered  by 
Cheyenne  Lake. 

Altitude  Caution:  For  your  safety  and  comfort, 
please  be  aware  that  The  Broadmoor  is  just  over 
6000  ft.  above  sea  level. 


End  of 


CIO  100  SYMPOSIUM  &  AWARDS 
AUGUST  18-20,  2002 
THE  BROADMOOR 


COLORADO  SPRINGS,  COLORADO 

ENROLLMENT  APPLICATION 

□  1  won't  be  able  to  attend,  but  please  keep  me  updated  on  future 

CIO  events. 

NAME 

TITLE 

'  ( 

COMPANY 

ADDRESS 

MAIL  STOP 

TELEPHONE 

FAX 

CITY,  STATE,  ZIP 

E-MAIL  ADDRESS 

WEBSITE  URL 

NAME  AS  YOU  WANT  IT  TO  APPEAR  ON  YOUR  BADGE 


□  i  will  be  attending  the  Awards  Ceremony  Dinner  on  Tuesday 
evening. 

□  I  will  bring  a  companion  at  the  cost  of  $375.  (Please  note: 
Companion  Program  details  under  enrollment  fees) 


NAME  OF  MY  COMPANION 

□  My  companion  will  attend  the  USAFA  Garden  of  the  Gods  tour 
Monday  Morning. 

□  My  companion  will  be  attending  the  Awards  Ceremony  Dinner  on 
Tuesday  evening. 

WHAT  IS... 

YOUR  PRIMARY  INDUSTRY? 


YOUR  ORGANIZATION'S  ANNUAL  REVENUES  OR  ASSETS? 


YOUR  ANNUAL  IT  BUDGET? 


If  this  is  your  first  CIO  event, 
your  business  card  is  required 
to  process  your  registration. 


4ROBJY1 


ENROLLMENT  FEES 

□  IS  Practitioner/Executive  $2,195 

Please  make  your  hotel  reservations  immediately  by  calling  CIO 
Conference  Housing  at  800  514-7639.  To  receive  the  discounted  rate, 
please  mention  you  are  attending  CIO  100  when  making  your  reservations. 
Be  sure  to  guarantee  your  room  with  a  credit  card,  as  all  unreserved  or 
unguaranteed  rooms  will  be  released  on  July  5,  2002.  Hotel  reservations, 
cancellations  and  charges  are  your  responsibility.  If  a  Symposium 
Enrollment  Form  is  not  received  within  48  hours  of  making  your  hotel 
reservation,  your  room  will  be  released  from  the  CIO  100  room  block. 

□  US  Federal  Government/Military  $2,495 

This  fee  includes  your  hotel  for  three  nights.  CXO  will  make  your  hotel 
reservations  for  arrival  Sunday,  August  18  and  departure  Wednesday, 

August  21.  Additional  hotel  reservations  are  your  responsibility. 

□  Companion  Program  $375 

This  fee  includes  all  scheduled  meals,  receptions  and  entertainment, 
planned  companion  activities  and  the  CIO  100  Dinner  &  Awards  Ceremony. 
Companions  are  not  eligible  to  participate  in  the  golf  tournament  or 
Symposium  sessions.  Companions  must  be  enrolled  in  this  program  to 
attend  any  Symposium  function. 

□  Sales/Marketing/Consulting  $10,000 

This  fee  applies  if  you  hold  a  sales,  marketing,  business  development  or 
consulting  position,  including  executive  management  of  IT  vendor  and  con¬ 
sulting  companies.  This  enrollment  fee  is  payable  by  company  check  only 
and  does  not  include  three  nights  hotel.  CXO  will  make  the  final  determi¬ 
nation  of  this  category. 

PAYMENT 

□  Check  enclosed.  Mail  to: 

Executive  Programs,  CXO  Media  Inc.,  P3620,  Boston,  MA  02241-3620 

□  P.O.  # _ 

□  MC  □  Visa  □  AmEx 


ACCT.  #  EXP. 


SIGNATURE 

All  fees  must  be  paid  prior  to  the  Symposium,  and  all  cancellations  and 
changes  must  be  made  in  writing.  Transportation,  hotel  and  recreation  are 
your  responsibility.  You  may  cancel  your  Symposium  attendance  up  to  July 
19,  2002  without  penalty.  A  $900  administration  fee  will  be  imposed  for 
cancellations  received  between  July  20  -  August  2,  2002.  No  refund  or 
credit  will  be  given  for  cancellations  received  on  or  after  August  2,  2002 
or  for  no-shows.  CXO  reserves  the  right  to  limit  attendance  to  practitioners 
and  Partner  organizations. 


To  enroll  or  for  more  information,  call  800  355-0246,  fax  this  enrollment  form  to  508  879-7720,  or  visit  our  Web  site  at 

www.cio.com/conferences 


Mid-Atlantic 


Southern  California 


Sales  and  Services 


CIO  SALES  OFFICES 

President  &  CEO 

Joseph  L.  Levy  •  508  935-4601 
Publisher  Gary  J.  Beach  •  508  935-4202 

Executive  VP  Sales/Custom  Publishing 

Ellen  Romanow  •  508  935-4796 

Sales  Operations  Associate  Kim  Harris 

East  Coast 

Senior  VP  Sales/East 

Michael  J.  Masters  •  973  244-4040 

Senior  Regional  Mgr./Advertising  Sales 

Kathy  Powers  •  973  244-4041 

Regional  Sales  Manager 

Ellie  Schwab  •  973  244-4042 

Account  Executives 

Joan  Bonadeo  •  973  244-4043 

Gale  Tedeschi  •  973  244-4031 

Office  Mgr.  Marlene  Levis  •  973  244-4033 

Sales  Asst.  Lin  Viggiano  •  973  244-4035 

Administrative  Assistant 

Sharon  Harrison  •  973  244-4037 

New  England 

Senior  Regional  Manager/ Advertising  Sales 

LenGanz- 508  935-4039 

Senior  Advertising  Sales  Associate 

Dawn  Cora  •  508  935-4092, 

Fax  508  879-6063 


Senior  Regional  Manager/ Advertising  Sales 

Louise  Cupelli  •  215  627-8114 
Account  Executive 

Maureen  Welsh  •  215  627-8114 

South  Central 

Regional  Director/Advertising  Sales 

Robert  E.  Sawdon  •  512  306-9801 

Advertising  Sales  Associate 

Brenda  Garza  •  512  306-9801, 

Fax  512  306-9805 

North  Central 

Senior  Regional  Manager/Advertising  Sales 

Keith  H.  Kenner  •  847  441-5005, 

Fax  847  441-5150 
Account  Executive 
Beth  Carlson -847  441-3140 
Advertising  Sales  Associate 
Kim  Giovanni  •  847  441-5005 

West  Coast 

VP  Sales/West 

Cheri  McKeithan  •  415  975-2685 

Regional  Manager/Advertising  Sales 

Ai  Collins  *415  975-2686 

District  Manager 

Kristin  Nystrom  •  415  975-2687 

Account  Executive 

Jeff  Odell  *415  975-2682 

Senior  Advertising  Sales  Associate 

Derek  Jung  •  415  975-2683 

Advertising  Sales  Associates 

Anna  Limon  •  415  975-2694 
Tom  Ocampo  •  415  975-2693 


Regional  Sales  Manager  Chris  Hempel  • 
949  475-5579,  Fax  949  475-5583 
Account  Executive  Chris  Bramel  • 

949  475-5579,  Fax  949  475-5583 

Sales  Associate  Isaac  Ugay  •  949  475-5579, 

Fax  949  475-5583 

LIST  SERVICES 

List  Services  Director 

Kathryn  A.W.  Marston  •  508  935-4072 

List  Services  Account  Executive 

Stephanie  Roy  •  508  935-4151 

List  Services  Coordinator 

Kim  Cormican  •  508  935-4152 

ONLINE  SERVICES 

VP/Online  Sales 

Lisa  Brown  •  508  935-4470 

Online  Sales  Mgr. 

Michael  McPhee  •  508  935-4611 

CUSTOM  PUBLISHING 

Group  Director  Michael  Siggins 
Director  Mary  Gregory 

Director  of  Content  Development  Tom  Field 
Project  Managers  Lisa  Chaffin  (Senior), 
Sally  Ellison 

Graphic  Designer  Chris  Brown 

REPRINT  SERVICES 

For  article  reprints,  please  contact 
Reprint  Services  at  651 582-3800  or 
e-mail  cioreprints@reprintservices.com. 

For  further  sales  information,  visit 
www.cio.com/marketing/salesoffices.html 


Index  of  Companies 
and  Advertisers 

Page  numbers  refer  to  the  first 
page  of  the  article(s)  in  which  the 
company  is  mentioned.  This  index 
is  provided  as  a  service  to  readers. 
The  publisher  does  not  assume 
any  liability  for  errors  or  omis¬ 
sions. 


COMPANY  INDEX 

3Com  Corp . 80 

Aberdeen  Group  Inc . 98 

Adonix  . 28 

Airbus  SAS . 72 

American  International 
Group  Inc . 98 

American  Skiing  Co . 98 

Apex  Systems  Inc . 88 

Atheros  Communications  Inc.  80 
AT&T  Wireless  Services  Inc.  .  .  56 

Best  Buy  Co.  Inc . 98 

Best  Software  Inc . 72 

Bluesocket  Inc . 80 

Bornemann  Associates  Inc.  . .  72 

Boyd  Group,  The . 72 

Carttronics  LLC . 28 

Cinergy  Corp . 98 

Cisco  Systems  Inc . 80 

Computer  Associates 
International  Inc . 48 

Conference  Board,  The . 56 

Constellation  Energy 
Group  Inc . 28 


Dash  Group . 72 

DirecTV  Inc . 72 

Doubleclick  Inc . 56 

Dreyfus  Corp.,  The  . 98 

Enterasys  Networks  Inc . 80 

Equifax  Inc . 56 

Expand  Beyond  Corp . 98 

Federal  Home  Loan  Bank  of 
Dallas  Inc . 28 

Foote  Partners  LLC . 28 

Forrester  Research  Inc . 98 

Gartner  Inc . 80 

Gemplus  Technologies  Asia 
Pte  Ltd . 88 

Genalytics  Inc . 98 

Good  Technology  . 98 

History  Channel,  The  . 98 

Honen  &  Wood  PC . 56 

i2  Inc . 28 

IBM  Corp . 98 

iGine  Pte  Ltd . 88 

Inovant  Inc . 56 

International  Data  Corp . 98 

JetBlue  Airways  Corp . 72 

Kart  Saver  Inc . 28 

Kmart  Corp . 28 

KXEN  . 98 

Lucent  Technologies  Inc . 28 

Mastercard  Services  Inc . 56 

Mayo  Foundation  . 56 

McKinsey  &  Co . 44 

Meta  Group  Inc . 80 

Microsoft  Corp . 72 

Microsoft  Singapore  Pte  Ltd.  .  88 


N2H2  Inc . 56 

National  Center  for  Missing  and 
Exploited  Children . 28 

Oppenheimer  Funds . 56 

Paul,  Hastings,  Janofsky  & 

Walker  LLP . 80 

Pioneer  Bank  . 28 

Procter  &  Gamble  Co.,  The  .  .  98 

PSA  Corp.  Ltd . 88 

Quiksilver  Inc . 56 

Roper  Starch  Worldwide  Inc.  .  56 

Saab  Cars  USA  Inc . 56 

Save-A-Lot  Ltd . 28 

Sun  Microsystems  Pte  Ltd.  ...  88 

Top  Layer  Networks  . 80 

TowerGroup  Inc . 28 

United  Parcel  Service  of 
America  Inc . 80 

Vernier  Software  & 

Technology . 80 

Visa  International  . 56 

Vivendi  Universal  Games  ....  28 

Wal-Mart  Stores  Inc . 64 

Warner  Music  Group . 28 

ADVERTISER  INDEX 

Acxiom  Corp . 29 

American  Power  Conversion  .  .  85 

Avaya  . 52,  53 

Cingular  Wireless . 69 

Cisco  Systems  Inc . 20,  21 

Cognos  Inc . 19 

Computer  Associates 
Inti.  Inc . 7,  71 


CXO  Media  Inc. .  101, 103, 105,  111 


Dell  Computer  Corp . 16 

Deloitte  &  Touche  LLP . 15 

EMC  Corp . 79 

Enterprise  Software  HQ . 81 

Gateway  . 83 

Genesys  Telecommunications  .  61 

Genuity . 47 

Hewlett-Packard . C2 

IBM  Corp . 34,  54,  91 

Intel  Corp . 23 

ITworld.com . 107 

KPMG  Consulting  . 31 

Lockheed  Martin . 99 

Mercury  Interactive . 33 

Microsoft  Corp . 2 

NEC/Mitsubishi  . 42 

Nortel  Networks  . 87 

Novell  . 41 

NTT  Communications . 11 

Oki  Data  . 51 

Oracle  Corp . C4 

Palm  Inc . 8 

Panduit  Corp . 93 

Peerstone  Research  . 109 

Quantum's  Network  Attached 
Storage  Div. . 45 

Red  Hat  . 39 

Resources  Connection . C3 

SAP . 97 

Sony  Corp . 49 

Sun  Microsystems  Inc . 12 

Unisys  Corp . 75 

WRQ . 4 

Xerox  Corp . 37 


CIO  IS  PUBLISHED  IN  THE 
UNITED  STATES  AS  WELL  AS  IN: 

Australia,  CIO  Australia  www.idg.com.au 
Canada,  CIO  Canada  www.lti.on.ca/cio 
China,  CEO  &  CIO  China 
www.ceocio.com.cn 
Germany,  CIO  Germany  www.cio.de 
India,  CIO  India  91-80-521-0309/12 
Japan,  CIO  Japan  www.idg.co.jp 
Korea,  CIO  Korea  www.cio.seoul.kr 
Poland,  CXO  Poland  www.cxo.pl 
New  Zealand,  CIO  New  Zealand 
www.idg.co.nz 

Singapore,  CIO  ACEN/Hong-Kong 
www.idg.com.sg 


CIO  Contact 
Information 


Editorial,  Advertising  and  Business 
Offices:  492  Old  Connecticut  Path, 
P.O.  Box  9208,  Framingham,  MA 
01701-9208,  508  872-0080. 

CIO  (ISSN  0894-9301)  is  published 
semimonthly  and  as  a  combined  issue 
December  15/January  1  by  CXO  Media 
Inc.,  492  Old  Connecticut  Path,  P.O. 
Box  9208,  Framingham,  MA  01701- 
9208.  Periodicals  postage  paid  at 
Framingham,  MA,  and  at  additional 
mailing  offices.  Canada  Publications 
Mail  Agreement  Number  1902075. 
CANADIAN  POSTMASTER:  Please 
return  undeliverable  copy  to  P.O.  Box 
1632,  Windsor,  ON  N9A  7C9. 

Permissions:  Copyright  2002  by  CXO 
Media  Inc.  All  rights  reserved.  Repro¬ 
duction  of  material  appearing  in  CIO 
is  forbidden  without  written  permis¬ 
sion.  Send  all  requests  to  Permissions 
Department,  CIO,  492  Old  Connect¬ 
icut  Path,  P.O.  Box  9208,  Framing¬ 
ham,  MA  01701-9208. 

Photocopy  Rights:  Permission  to 
photocopy  for  internal  or  personal 
use  or  the  internal  or  personal  use  of 
specific  clients  is  granted  by  CIO  for 
users  through  the  Copyright  Clear¬ 
ance  Center,  provided  that  the  base 
fee  of  $3  per  copy  of  the  article,  plus 
$.50  per  page  is  paid  directly  to 
Copyright  Clearance  Center,  27 
Congress  Street,  Salem,  MA  01970. 
Please  specify:  ISSN  0894-9301. 
Permission  to  photocopy  does  not 
extend  to  contributed  articles 
followed  by  this  symbol:  :f. 

Subscriptions:  Address  inquiries  to 
CIO,  492  Old  Connecticut  Path,  P.O. 
Box  9208,  Framingham,  MA  01701- 
9208;  800  788-4605.  CIO  is  free  to 
qualified  information  executives.  To 
all  others  the  one-year  basic  rate  is 
$94  for  the  United  States  and 
Canada,  $175  to  foreign  countries 
(payable  in  U.S.  funds  only).  The 
single  copy  price  is  $9.  Please  allow 
four  to  six  weeks  for  new  subscrip¬ 
tions  to  begin. 

Change  of  Address:  Please  fax  a  copy 
of  current  subscription  label  along 
with  new  address  to  508  879-7899. 
Allow  four  to  six  weeks  for  change  to 
take  effect. 

Postmaster:  Send  change  of  address 
to  CIO,  P.O.  Box  489,  Northbrook,  IL 
60065-9816.  Printed  in  the  U.S. A. 


www.cio.com 


JULY  1,  2002  CIO  115 


EXECUTIVE 

1  i  wtn  nfi 


F!  6': 


July  1,  2002 


COVER  STORY  I  Ethical  Data 
Management 

By  Scott  Berinato  I  56 

Customer  data  management  traps 
CIOs  between  two  loathsome 
roles — the  bad  guy  and  the  fall  guy. 
Either  the  CIO  stops  marketers  from  using 
data  for  purposes  some  customers  are  not 
comfortable  with — stemming  potential 
revenue  streams — or  the  CIO  imparts  no 
ethical  code  and  is  left  to  explain  why  the 
company  has  allowed  a  customer’s  data  to 
be  exploited.  AT&T  Wireless,  Qwest,  Saab 
and  Visa  have  all  grappled  with  ethical  data 
management,  some  choosing  paths  that  led 
to  public  outrage.  Companies  must  realize 
that,  in  the  end,  it’s  their  customers  who 
decide  whether  a  company  has  acted 
ethically,  regardless  of  what’s  allowed  under 
law.  Most  unethical  use  of  data  happens 
through  function  creep,  in  which  piecemeal 
requests  to  use  the  data  mount  to  the  point 
where  the  data  is  primarily  used  for  func¬ 
tions  that  were  never  originally  intended. 
CIOs  need  to  put  firm  policies  in  place  to 
stem  the  tide  of  function  creep,  as  proposed 
in  the  six  commandments  of  ethical  data 
management  in  this  article. 


“Somehow,  technology 
has  led  to  this  rogue 
theory  that  acquiring 
data  about  people 
gives  you  the  right  to 
own  that  data,  that 
mere  collection  trans¬ 
lates  to  ownership.” 

-CHRIS  H00FNAGLE,  LEGISLATIVE 
COUNSEL  AT  THE  ELECTRONIC 
PRIVACY  INFORMATION  CENTER 


Wal-Mart  CIO  Interview  ByAbbieLundberg  I  64 

IN  A  WIDE-RANGING  exclusive  interview,  next-gen  CIO  Kevin  Turner,  36,  tells  how  Wal-Mart  is 
coping  with  global  growth  despite  a  commitment  to  run  IS  centrally.  It’s  a  tricky  balance  of  central¬ 
ized  systems  and  controls,  and  local  flexibility  in  decision  making.  After  some  tough  lessons  in  which 
users  spurned  new  systems,  Turner  explains  how  the  IS  staff  increased  its  project  success  rate  by 
walking  in  the  users’  shoes  before  doing  the  system  spec.  Turner  reveals  the  transformational  tech¬ 
nologies  that  have  excited  his  interest,  including  voice  over  IP  (VoIP),  voice  recognition  and  radio 
frequency  identification,  and  “cheap  chips”  that  will  replace  bar  codes  and  enable  customers  to  use 
their  own  wireless  devices  in  the  store.  Turner  also  describes  ways  Wal-Mart  recognizes  projects  in 
jeopardy  and  laments  the  large  security  investment  dictated  by  vendors’  vulnerable  product  designs. 

JetBlue  Airways  Profile  By  Stephanie  Overby  I  72 

JETBLUE  AIRWAYS  began  life  four  years  ago  with  a  plan  to  create  a  cost  structure  that  could 
support  low  fares.  It’s  proved  successful — the  company  posted  2001  profits  while  its  rivals  lost 
billions.  Innovative  IT  has  been  the  key.  JetBlue  created  the  industry’s  first  paperless  cockpit,  equip¬ 
ping  pilots  and  first  officers  with  laptops,  saving  4,800  man-hours  a  year.  JetBlue  enabled  VoIP  lines 
for  600  at-home  reservation  agents.  A  tracking  program  accounts  for  all  operational  data  (updated 
flight  by  flight),  and  an  intranet  connects  2,800  employees.  Crew  members  use  wireless  devices  to 
report  and  respond  to  irregularities  such  as  weather  delays.  But  CIO  Jeff  Cohen  doesn’t  embrace  all 
hot  technologies.  He  ended  wireless  terminal  check-ins  when  counter  agents  proved  to  be  the  faster 
way  to  get  people  on  the  planes.  “If  it  doesn’t  make  you  efficient,  it’s  not  cool,”  Cohen  says. 

Wireless  Security  By  Sarah  D.Scaiet  I  80 

BY  GARTNER’S  ESTIMATES,  one  in  five  companies  has  a  wireless  LAN  that  the  CIO  doesn’t 
know  about,  and  60  percent  of  WLANs  don’t  have  their  basic  security  functions  turned  on. 

Governed  by  the  802.11  standard,  WLANs  transmit  data  by  radio  waves,  signals  that  can  be  picked 
up  by  a  $70  wireless  network  card.  An  audit  for  WLANs  will  help  locate  rogue  installations  and  also 
determine  how  far  the  signal  is  transmitting.  If  the  signal  is  stronger  than  it  needs  to  be,  the  amplifica¬ 
tion  level  often  can  be  turned  down.  Beyond  that,  CIOs  have  five  options,  depending  on  the  sensitiv¬ 
ity  of  the  data  and  how  the  wireless  devices  are  used.  They  can  make  sure  there  is  full  use  of  built-in 
security  features,  wall  off  the  WLAN  from  the  rest  of  the  network,  encrypt  data  end  to  end,  imple¬ 
ment  proprietary  security  add-ons  or  wait  on  the  creation  of  standards  for  new  levels  of  encryption. 

Asia  101  By  Tom  Field  I  88 

SINGAPORE  IS  WHERE  businesses  go  to  get  their  feet  wet  in  Asia.  Attractive  to  Western 
business  interests  since  1819,  Singapore  is  host  to  6,000  multinational  companies,  all  seeking  the 
opportunities  of  the  Asian  market.  Successful  global  players  need  to  know  the  rules  of  engagement 
with  the  government  and  culture  of  this  tiny  Pacific  island  city-state.  The  business-friendly  govern¬ 
ment  facilitates  partnerships.  The  high-tech  and  financial  services  industries  are  lightly  regulated,  and 
telecom  was  privatized  in  2000  (the  infrastructure  is  state  of  the  art,  a  rarity  in  Asia).  But  there  are 
restrictions  for  media  and  entertainment  companies.  And  multinationals  shouldn’t  expect  cheap  labor. 
Singapore  has  a  shortage  of  IT  workers,  and  they  command  $24,000  per  year  on  average — twice  the 
pay  of  top  programmers  in  India.  In  “Asia  Scorecard,”  CIO  compares  Asian  capitals  according  to 
their  IT  infrastructures,  IT  work  force,  Internet  penetration  numbers  and  other  metrics  important  to 
analyzing  opportunities. 


116  CIO  JULY  1,  2002 


www.cio.com 


RESOURCES 


Get  there  with  people  who  have  been  there  before 

Finance  and  Accounting,  HR,  and  IT 


IT'S  A  COMFORTABLE  CHAIR, 
UNLESS  YOU  HAVE  TO  SIT  IN  IT 


Because  when  you  sit  here,  you  face  decisions. 

About  costs.  About  people.  About  how  to  survive. 

With  our  Associates  on  your  project,  with  their  skills  and  experience 

Those  decisions  become  easier. 

The  chair  becomes  more  comfortable. 


with  the  Fortune  100 


Combination 
of  vendors 
15% 


Other 

4% 

Microsoft  SQL 
Server 
8% 


IBM  DB2  on 
Unix/NT 

3% 


IBM  DB2  on 
the  mainframe 
19% 


Oracle 

51% 


More  than  half  of  the  Fortune  100  run 
Oracle  as  their  primary  database. 


Source:The  FactPoint  Group,  April  2002  Oracle. COITl/ad 

or  call  1.800.633.1062 


Copyright  ©2002  Oracle  Corporation.  All  rights  reserved.  Oracle  is  a  registered  trademark  of  Oracle  Corporation 
Other  names  may  be  trademarks  of  their  respective  owners. 


